Nmap Announce mailing list archives
Re: Intrusion Detection was Detected NMAP scan
From: Philip Ehrens <pehrens () ligo caltech edu>
Date: Wed, 6 Jan 1999 16:31:06 -0800
Frank W. Keeney scribbled:
Here is a sample of what I normally send out: (lot's of finger pointing followed)
well, again, the problem is that you are only notifying these domains that THEY have been compromised. And the list of names might send a paranoid sysadmin on a real nasty witchhunt after innocent folks. Someone who is out there "owning" boxes is going to be using other peoples accounts on systems not their own. pursuing prosecution against a hacker is an extremely unlikely scenario, so just being aware, and fixing things as soon as you know they're broken, is the biggest deterrent. By overreacting to every suspicious scan you only succeed in making people paranoid, nothing gets fixed, and much damage could be done. Phil -- Phil Ehrens <pehrens () ligo caltech edu>| Fun stuff: The LIGO Laboratory, MS 18-34 | http://www.ralphmag.org California Institute of Technology | http://www.yellow5.com 1200 East California Blvd. | ftp://ftp.no.pgpi.com/pub/pgp Pasadena, CA 91125 USA | http://www.mjt.org Phone:(626)395-8518 Fax:(626)793-9744 | http://www.powells.com
Current thread:
- Intrusion Detection was Detected NMAP scan Frank W. Keeney (Jan 06)
- Re: Intrusion Detection was Detected NMAP scan David G. Andersen (Jan 06)
- Re: Intrusion Detection was Detected NMAP scan Matthew Franz (Jan 06)
- Re: Intrusion Detection was Detected NMAP scan Philip Ehrens (Jan 06)
- <Possible follow-ups>
- Re: Intrusion Detection was Detected NMAP scan 'Philip Ehrens' (Jan 06)
- RE: Intrusion Detection was Detected NMAP scan Frank W. Keeney (Jan 07)
- Re: Intrusion Detection was Detected NMAP scan David G. Andersen (Jan 06)