Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Scans from proxyprotector.com

From: "Mark Ng" <laptopalias1-mark () informationintelligence net>
Date: Sun, 18 May 2003 16:17:11 +0100


Shawn Duffy wrote:


I have more connections from proxyprotector than any other single host
in my Snort logs... and I don't use IRC at all... so them suggesting
that this is only related to IRC is bulls***...


Indeed - so it seems - I was merely echoing that they do have a website and
they *claim* to be whitehats.  However, I have since checked some IDS's for
this kind of activity and can confirm that they do appear to just be
scanning the internet.

I will be filing complaints with their ISP's abuse team, and with
abuse@proxyprotector too.  It seems that they are definitely doing something
that they are not advertising.  To be noted is the fact that they mention
that they list in "several DNSBL's" without mentioning which ones, do not
allow lookups against their database, and that their link to "self-test"
404's.






----------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies 
that are enforced to protect WLANs from known vulnerabilities and threats. 
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

To get your FREE white paper visit us at:    
http://www.securityfocus.com/AirDefense-incidents
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: