On Tue, Mar 06, 2001 at 01:12:46AM +0000, Tim Haynes wrote:
> > It's also possible that someone is just exploring.
>
> Then they need educating that scanning such a vast range of ports is an
> unacceptable definition of `exploring'.
Well, that's your opinion. I don't know that I agree ... presumably
I've already tied down my services; why do I care if someone is
checking which ports are open? When I did see an extensive portscan I
usually fired off one of my own to see what was up at that end. More
often than not it turned out to be a misconfigured monitoring box
(ever seen Whatsup at work?)
OTOH I'll always defend your right to apply your opinion to your
machines; if you want to get after someone who's portscanning your
machines I won't stop you :)
> > As a former network administrator I wasn't too worried about portscans
> > unless they were followed up with actual connections. I also used
> > portscans when needed to discover what users on the network were up to.
>
> Sure, but I hope you didn't let rip with them on other networks or sections
> of network over which you didn't have control.
We had a /18; I had plenty of IPs to keep an eye on. Some people were
less cooperative than others.
--
Nathan Norman - Staff Engineer | A good plan today is better
Micromuse Inc. | than a perfect plan tomorrow.
mailto:[EMAIL PROTECTED] | -- Patton
PGP signature
