Security Incidents mailing list archives
Re: Interesting reply
From: Mikael Gripenstedt <idol () CHELLO SE>
Date: Thu, 12 Oct 2000 23:23:23 +0200
On Thu, 12 Oct 2000, Gary Flynn wrote:
"Forrester, Mike" wrote:From my experience (I work for a broadband ISP), most of our problems with people scanning is from a compromised system. No, I don't have exact numbers, but MOST is about right. ;)Mike, How do you determine if the box used for scanning is compromised? Do you take the owner's word? How about other ISPs listening here? -- Gary Flynn Security Engineer - Technical Services James Madison University Please RUNSAFE http://www.jmu.edu/computing/info-security/engineering/protecting_yourself.htm
I would say that most scans come from bored ppl looking for a easy target and whois rather clueless about what they are doing. At least most of the customers we contacted after a reported incident seem that way... regards, --] Mikael Gripenstedt UNIX SysAdmin | chello broadband, Sweden
Current thread:
- Re: Interesting reply Crist Clark (Sep 30)
- <Possible follow-ups>
- Re: Interesting reply H Carvey (Sep 30)
- Re: Interesting reply Forrester, Mike (Oct 11)
- Re: Interesting reply Gary Flynn (Oct 12)
- Re: Interesting reply Mikael Gripenstedt (Oct 13)
- Re: Interesting reply Gary Flynn (Oct 12)
- Re: Interesting reply H Carvey (Oct 13)
- Re: Interesting reply Keith Pachulski (Oct 16)
- Re: Interesting reply Rick Ballard (Oct 16)
- Re: Interesting reply Aj Effin ReznoR (Oct 24)
- Re: Interesting reply Rick Ballard (Oct 16)
- Re: Interesting reply Forrester, Mike (Oct 19)
- Re: Interesting reply Narins, Joshua (Oct 19)
- Re: Interesting reply Forrester, Mike (Oct 20)
- Re: Interesting reply Turpin, Jason (Oct 25)
- Re: Interesting reply Aj Effin ReznoR (Oct 25)
- Re: TCP connections to port 1024 - DDoS? Neil Long (Oct 26)
(Thread continues...)