Definitely, port scanning as such is not a crime. Now, why would any
valid user of my systems need to run a port scanning on my servers?
Besides, my firewall rules are configured so that only the services I
need are made public, so my concern is not that of someone finding an
open port to a dangerous thing. I rely on my Internet connection for
more than just web surfing, so the traffic these IPs add to my
firewall has a negative impact on my WAN (availability).
I might just block them in my routers and pretend they don't exist.
However, there might be other people having the same problem because
of these IPs (including the one doing the scans, that might be a
zombie computer in a legitimate business company). If I can add my 2
cents to "Internet traffic" by trying to stop this, I don't see why I
shouldn't.
On 5/27/05, Emmanuel Goldstein <goldstein101@gmail.com> wrote:
Oh Come on!, they're just port scans. You cannot avoid people scanning
your network, that's why you should try to improve your security every
single day. And don't think they are specificly scanning your network
'cause many people scan millions of hosts everyday, eg: security audit
companies or people doing network security masters...
Whether you like it or not, port scanning is not ilegal. Don't go
around reporting those really dangerous "Network abuses" ;-P
On 5/26/05, Diego Kellner <dkepler@gmail.com> wrote:
Hi, I am now encharged of analyzing firewall logs in my company, and
I'm beggining frequent port scanning from certain IPs (most of them in
Asia). I know it might not change a thing, but I'd like to report this
IPs to their respective ISPs. Anyone has (or knows of a web site
that's got) Network Abuse Mail Templates I could use?
Regards,
Diego
