On Sun, Feb 23, 2003 at 08:36:05PM -0600, Rod Rodolico wrote: > Ok, the other day someone scanned the ports from 3102 to 3230 on my > server. My firewall picked it up and told me about it. I have the > originating IP, date/time, etc... > > Question: What do you suggest I do about it? I've already contacted the > owner of the IP's (cox.net) but really don't know what they will do. I was > torn between "Gee, the firewall does work" and "I'd love to catch the > sucker." Have no idea what they were looking for as services lists > Interbase and Squid in that range. > > Suggestions?
You mean to tell us that you got port scanned one time? I can't think of the last day when i wasn't port-scanned on all IP in my ranges. In my case they usually do it once. But if they come back and make a habit of it, then i make a file of their logged scans and send it to [EMAIL PROTECTED] with a note. Port-scanning - yet another waste of bandwidth. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
