Hi Rod, Usually if we get such a report, we'll inform the client of their actions. Most times that discourages them from doing it.
If they do it repeatedly and to many different hosts/IPs, then obviously there is something going on and we act on that. But rarely would an ISP disconnect a server or such just for one or two complaints of this sort (especially since no actual hacking/cracking occurred). This reminds me of the "Open Relay" test. Some ISPs claimed it was illegal because they were "intruding" and "testing" their network for vulnerabilities. Others said that if you have a host on the internet, you can expect it to be a public system and thus "accessed". Which is right, I don't know... but every day our servers and networks get probed at least hundreds of times. Rarely do we take action against the foreign/other ISP unless someone is REALLY repeatedly hammering a server. Then if no action is taken we may even block them at the router/switch level. Hope that helps. Jason http://www.zentek-international.com/ ----- Original Message ----- From: "Rod Rodolico" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, 24 February, 2003 10:36 AM Subject: Cracking attempt > Ok, the other day someone scanned the ports from 3102 to 3230 on my > server. My firewall picked it up and told me about it. I have the > originating IP, date/time, etc... > > Question: What do you suggest I do about it? I've already contacted the > owner of the IP's (cox.net) but really don't know what they will do. I was > torn between "Gee, the firewall does work" and "I'd love to catch the > sucker." Have no idea what they were looking for as services lists > Interbase and Squid in that range. > > Suggestions? > > Rod > > > -- > 1.79 x 10^12 furlongs per fortnight -- it's not just a good idea, it's the > law! > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
