anti-spam vs network abuse
up at 3.am
up at 3.am
Sat Mar 1 15:45:07 UTC 2003
On Sat, 1 Mar 2003 jlewis at lewis.org wrote:
> On Fri, 28 Feb 2003, Andy Dills wrote:
>
> > You don't have to. This is why I never understood why people care so much
> > about probing. If you do a good job with your network, probing will have
> > zero affect on you. All the person probing can do (regardless of their
> > intent) is say "Gee, I guess there aren't any vulnerabilities with this
> > network."
>
> When I hooked up my first server on the internet back in 1993, I was kind
> of shocked that some far away stranger was trying to log into my POP3
> server. Unwanted connections have been a fact of life on the internet
> probably since its beginning.
Maybe so, but I think any net admin should care if his hosts are being
probed, even if he is under the mistaken assumtion that those hosts are
invulnerable. If I see several ports being probed, I drop an email to
abuse at . It may well be innocent (I do it myself for valid reasons at
times), but it's good to let the respective abuse departments know what's
going on, for two reasons: 1) It gives them a heads up to keep an eye out
for other "suspicious" activity from that host/user. 2) it usually lets
that user know you're alert.
Call it "profiling", only based on "curiosity" instead of ethnicity :)
James Smallacombe PlantageNet, Inc. CEO and Janitor
up at 3.am http://3.am
=========================================================================
More information about the NANOG
mailing list