Security Incidents mailing list archives
Re: Interesting reply
From: H Carvey <keydet89 () YAHOO COM>
Date: Fri, 29 Sep 2000 13:56:24 -0700
Crist,
Oops, I did not fully qualify that. I would guess,
However, the point remains...you are guessing. Do you have any empirical data (log files, etc) to back this up?
But think of all the script kiddies with their new h4x0R boxen (a default install of RedHat waiting to be exploited by some other kiddie) wetting their pants over their new broadband connection and scanning 0.0.0.0/0 for every exploit under the sun.
I do...but that doesn't constitute compromised boxes. These scans can be effectively ignored...unless, as I stated, they become a bandwidth/performance issue.
But you always have to remember despite all of the measures you take, someone may still slip through.
The idea is to make it a non-trivial exercise for someone to compromise your systems and data. As far as "slip" goes...that would indicate either an entirely new exploit that isn't even publicly available, or failure to close a previously identified hole.
To reiterate what the original point I was trying to make, I feel that reporting scans to the source can be a worthwhile endevour.
I agree that reporting potentially compromised systems, based on data, is worthwhile. Reporting each kiddie that scans you to his ISP can be futile, particularly is the ISP's net use/abuse policy doesn't cover that activity. __________________________________________________ Do You Yahoo!? Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free! http://photos.yahoo.com/
Current thread:
- Re: Interesting reply Crist Clark (Sep 30)
- <Possible follow-ups>
- Re: Interesting reply H Carvey (Sep 30)
- Re: Interesting reply Forrester, Mike (Oct 11)
- Re: Interesting reply Gary Flynn (Oct 12)
- Re: Interesting reply Mikael Gripenstedt (Oct 13)
- Re: Interesting reply Gary Flynn (Oct 12)
- Re: Interesting reply H Carvey (Oct 13)
- Re: Interesting reply Keith Pachulski (Oct 16)
- Re: Interesting reply Rick Ballard (Oct 16)
- Re: Interesting reply Aj Effin ReznoR (Oct 24)
- Re: Interesting reply Rick Ballard (Oct 16)
- Re: Interesting reply Forrester, Mike (Oct 19)
- Re: Interesting reply Narins, Joshua (Oct 19)
- Re: Interesting reply Forrester, Mike (Oct 20)
(Thread continues...)