On Sat, 1 Mar 2003 jlewis@lewis.org wrote:
On Fri, 28 Feb 2003, Andy Dills wrote:
You don't have to. This is why I never understood why people care so much about probing. If you do a good job with your network, probing will have zero affect on you. All the person probing can do (regardless of their intent) is say "Gee, I guess there aren't any vulnerabilities with this network."
When I hooked up my first server on the internet back in 1993, I was kind of shocked that some far away stranger was trying to log into my POP3 server. Unwanted connections have been a fact of life on the internet probably since its beginning.
Maybe so, but I think any net admin should care if his hosts are being probed, even if he is under the mistaken assumtion that those hosts are invulnerable. If I see several ports being probed, I drop an email to abuse@. It may well be innocent (I do it myself for valid reasons at times), but it's good to let the respective abuse departments know what's going on, for two reasons: 1) It gives them a heads up to keep an eye out for other "suspicious" activity from that host/user. 2) it usually lets that user know you're alert. Call it "profiling", only based on "curiosity" instead of ethnicity :) James Smallacombe PlantageNet, Inc. CEO and Janitor up@3.am http://3.am =========================================================================