> > Anyhow, I noticed that certain vulnerability scans, for > example scans > > using Nikto and similar tools, when run from a Comcast > address show a > > different behavior than when they are run from a clear, uncontrolled > > Internet connection (i.e. corporate T-3). In fact, it appears like > > Comcast has an Inline-IDS (some call it an IPS ;) sitting > on its wires, > > filtering out certain signatures and blocking subsequent > access for a > > short period of time. For example, scan progresses, then hangs > > inexplicably, then resumes, trips a sig, and hangs again.
Adelphia (cable modem) has also been fishy lately. Something new in the past couple of months. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
