Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Port scan attempts

Reply
Thread Tools

Port scan attempts

 
 
Ravi
Guest
Posts: n/a
 
      12-22-2003
"Date: 22/12/2003 Time: 22:52:16 (GMT +5:30)
Port scan detected from address 206.204.10.200.
Blocked further access for 30 minutes after detecting at
least 6 ports being probed."

Is there a way I can report abouse for this?

It appears that I must report abuse to:
http://www.velocityreviews.com/forums/(E-Mail Removed)

but that address is invalid - I believe.

So what can I do?
--
main(){char s[37]="CSbwjAjocpy/mw!PS!sbwjAeftqbnnfe/dpn";
int i;for(i=0;i<36;putchar(s[i++]-1));return 0;}
 
Reply With Quote
 
 
 
 
Bit Twister
Guest
Posts: n/a
 
      12-22-2003
On Tue, 23 Dec 2003 00:09:02 +0530, Ravi wrote:
> "Date: 22/12/2003 Time: 22:52:16 (GMT +5:30)
> Port scan detected from address 206.204.10.200.
> Blocked further access for 30 minutes after detecting at
> least 6 ports being probed."
>
> Is there a way I can report abouse for this?
>
> It appears that I must report abuse to:
> (E-Mail Removed)
>
> but that address is invalid - I believe.
>
> So what can I do?


Let's see,
host 206.204.10.200
200.10.204.206.in-addr.arpa domain name pointer security.symantec.com.

Hmm, belongs to symantec.com

I bet there may be a Contact Us in their web page http://symantec.com/
 
Reply With Quote
 
 
 
 
Colonel Flagg
Guest
Posts: n/a
 
      12-22-2003
In article <(E-Mail Removed)>,
(E-Mail Removed) says...
> "Date: 22/12/2003 Time: 22:52:16 (GMT +5:30)
> Port scan detected from address 206.204.10.200.
> Blocked further access for 30 minutes after detecting at
> least 6 ports being probed."
>
> Is there a way I can report abouse for this?
>
> It appears that I must report abuse to:
> (E-Mail Removed)
>
> but that address is invalid - I believe.
>
> So what can I do?
>



abuse?

it's not illegal to port scan. get over it.

# nslookup 206.204.10.200

Name: security.symantec.com
Address: 206.204.10.200



--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."

"...I see stupid people."
 
Reply With Quote
 
Mimic
Guest
Posts: n/a
 
      12-22-2003
"Colonel Flagg" <(E-Mail Removed)> wrote in
message news:(E-Mail Removed).. .
> In article <(E-Mail Removed)>,
> (E-Mail Removed) says...
> > "Date: 22/12/2003 Time: 22:52:16 (GMT +5:30)
> > Port scan detected from address 206.204.10.200.
> > Blocked further access for 30 minutes after detecting at
> > least 6 ports being probed."
> >
> > Is there a way I can report abouse for this?
> >
> > It appears that I must report abuse to:
> > (E-Mail Removed)
> >
> > but that address is invalid - I believe.
> >
> > So what can I do?
> >

>
>
> abuse?
>
> it's not illegal to port scan. get over it.
>
> # nslookup 206.204.10.200
>
> Name: security.symantec.com
> Address: 206.204.10.200
>
>
>
> --
> Colonel Flagg
> http://www.internetwarzone.org/
>


heh i got busted once for portscanning

--
Mimic

"Without Knowledge you have fear, With fear you create your own nightmares."
"There are 10 types of people in this world. Those that understand Binary,
and those that dont."
"C makes it easy to shoot yourself in the foot. C++ makes it harder, but
when you do, it blows away your whole leg"



 
Reply With Quote
 
Hairy One Kenobi
Guest
Posts: n/a
 
      12-23-2003
"Colonel Flagg" <(E-Mail Removed)> wrote in
message news:(E-Mail Removed).. .
> In article <(E-Mail Removed)>,
> (E-Mail Removed) says...
> > "Date: 22/12/2003 Time: 22:52:16 (GMT +5:30)
> > Port scan detected from address 206.204.10.200.
> > Blocked further access for 30 minutes after detecting at
> > least 6 ports being probed."
> >
> > Is there a way I can report abouse for this?
> >
> > It appears that I must report abuse to:
> > (E-Mail Removed)
> >
> > but that address is invalid - I believe.
> >
> > So what can I do?

>
> abuse?
>
> it's not illegal to port scan. get over it.
>
> # nslookup 206.204.10.200
>
> Name: security.symantec.com
> Address: 206.204.10.200


Ahem. Depends on where you're scanning from.

IIRC, you can get prosecuted for using too-strong encryption in France, or
for saving POP IP addresses in Germany.. in the UK it *will* get your
account pulled (assuming that the AUP team have been injected with that
yellow stuff that they used in /Reanimator/)

To the OP: read comments, think about said comments, learn.. it's a good
order to do things ;o)

H1K


 
Reply With Quote
 
Bit Twister
Guest
Posts: n/a
 
      12-23-2003
On Mon, 22 Dec 2003 15:41:01 -0500, Colonel Flagg wrote:

> it's not illegal to port scan. get over it.


http://theregister.co.uk/content/55/31220.html

Just a few state selections. You read with the lawyer hat on,
which means, as it is written.

http://www.capitol.state.tx.us/statu...ml#pe001.33.01
Read 33.01. Definition (1) "Access"
33.02. Breach of Computer Security (a)

http://www.umpqua.cc.or.us/policy/oregon-law.htm
Read 1 (a) then (4)
 
Reply With Quote
 
James H. Fox
Guest
Posts: n/a
 
      12-23-2003
Ravi wrote:
> "Date: 22/12/2003 Time: 22:52:16 (GMT +5:30)
> Port scan detected from address 206.204.10.200.
> Blocked further access for 30 minutes after detecting at
> least 6 ports being probed."
>
> Is there a way I can report abouse for this?
>

You can try the myNetWatchman service (http://www.mynetwatchman.com) to
automatically report scans. They consolidate reports from a number of users
and screen them so that only the signficant ones are actually reported. I
use it with logging from a hardware firewall and a cable modem, but it will
also work with logs from various software firewalls. I don't know if it is
practical with a dial-up modem.


 
Reply With Quote
 
@micro$oft.com
Guest
Posts: n/a
 
      12-23-2003
Colonel Flagg wrote:

>>Port scan detected from address 206.204.10.200.
>>Blocked further access for 30 minutes after detecting at
>>least 6 ports being probed."
>>
>>Is there a way I can report abouse for this?


>>So what can I do?


> abuse?
>
> it's not illegal to port scan. get over it.


Welcome to the Internet. I get scanned a number of times a day, and scan
anyone connecting to my machine in a suspicious manner. I've got a
database of all the scans using NLog, so big I had to install mySQL just
to keep them straight. No one's ever said a word to me. And besides,
there's always _passive_ scanning and icmp-based scanning

Most ISP's, when contacted, do nothing about real break-in attempts, let
alone a mesley portscan. And then there's legit uses too- IRCd's
routinely portscan 23, 80, 8080, 3168 looking for open proxies. If
you're auto-blocking them, and the scan-site has the same IP as the host
site, you will be blocking your users from using IRC at all (which you
may or may not want to do). In short, unless it becomes a pattern form
the same IP# over and over, let it slide .


--

=-=-=.DISTRIBUTION|PROGRAMMING|RESEARCH|PORTAL|:.-=-=
[jayjwa] RLF#37 Raq glenaal: Nffnfvangr Ovyy Tngrf
[Atr2 Labs] Jvaqbjf vf n qvfrnfr
Finger for proj. "Putting encryption to good use."
=Linux Tough.Powered By Slackware=-HTTPS|FTP|SILC|SSH-=



 
Reply With Quote
 
Rowdy Yates
Guest
Posts: n/a
 
      12-23-2003
I was happily strolling along my merry little way in alt.computer.security,
when I looked down and saw a little note from Ravi on Mon 22 Dec 2003
01:51:02p who wrote:

> "Date: 22/12/2003 Time: 22:52:16 (GMT +5:30)
> Port scan detected from address 206.204.10.200.
> Blocked further access for 30 minutes after detecting at
> least 6 ports being probed."
>
> Is there a way I can report abouse for this?
>
> It appears that I must report abuse to:
> (E-Mail Removed)
>
> but that address is invalid - I believe.
>
> So what can I do?


A port scan does not constitue hostile activity. is could be anything. If you
can prove that there is a pattern to the scan that indicates that they are
trying to get in, then.....

most hack attempts are preempted by multiple reconnisance activity that has a
discernable pattern. a passive host based IDS can log that information for
you.

--
Rowdy Yates
MCSE, Security+
(working on a CISSP and lovin' it!)
 
Reply With Quote
 
Ravi
Guest
Posts: n/a
 
      12-23-2003
On Mon, 22 Dec 2003 19:00:47 GMT, Bit Twister
<(E-Mail Removed)> wrote:

>On Tue, 23 Dec 2003 00:09:02 +0530, Ravi wrote:
>> "Date: 22/12/2003 Time: 22:52:16 (GMT +5:30)
>> Port scan detected from address 206.204.10.200.
>> Blocked further access for 30 minutes after detecting at
>> least 6 ports being probed."
>>
>> Is there a way I can report abouse for this?
>>
>> It appears that I must report abuse to:
>> (E-Mail Removed)
>>
>> but that address is invalid - I believe.
>>
>> So what can I do?

>
>Let's see,
>host 206.204.10.200
>200.10.204.206.in-addr.arpa domain name pointer security.symantec.com.
>
>Hmm, belongs to symantec.com
>
>I bet there may be a Contact Us in their web page http://symantec.com/


If that is correct then my mistake!
I actually asked them to scan my ports using their security
check site.

But then is not the abuse address that I wrote correct?

TIA.

--
main(){char s[37]="CSbwjAjocpy/mw!PS!sbwjAeftqbnnfe/dpn";
int i;for(i=0;i<36;putchar(s[i++]-1));return 0;}
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Nikon Scan vs Vuescan, Nikon Scan smears detail, why (0/1) melbjer@hotmail.com Digital Photography 3 08-09-2008 02:52 AM
Best to scan in 48 Bit HDR? Or use 48 Bit + modify during scan? NewScanner Digital Photography 9 01-16-2007 04:07 AM
Attempts on UDP Port 18332 DaveG NZ Computing 1 03-07-2005 12:23 AM
What do you can a scan that attempts to establish a connection with open port with two small packets todhunter5 Computer Security 1 12-24-2003 04:37 AM
Progressive scan dvd's on a non-progressive scan tv jack lift DVD Video 7 12-09-2003 06:01 PM



Advertisments