port scanning from spoofed addresses

Matthew Huff mhuff at ox.com
Thu Dec 3 12:03:20 CST 2009

I'm not at all concerned about door-knob twisting or network scanning. What concerns me is that the source addresses are spoofed from our address range and that our upstream providers aren't willing to even look at the problem. 

Matthew Huff       | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com  | Phone: 914-460-4039
aim: matthewbhuff  | Fax:   914-460-4139

-----Original Message-----
From: Charles Wyble [mailto:charles at thewybles.com] 
Sent: Thursday, December 03, 2009 1:01 PM
To: Matthew Huff
Cc: Florian Weimer; (nanog at nanog.org)
Subject: Re: port scanning from spoofed addresses

On Dec 3, 2009, at 9:53 AM, Matthew Huff wrote:

> The source address appears to be fixed as well as the source port (6666), scanning different destinations and ports.

Some script kiddies found nmap and decided to target you for some reason. It happens. It's annoying. 

More information about the NANOG mailing list