Responding to Scan

Discussion in 'Computer Security' started by Benign Vanilla, Nov 4, 2004.

  1. My firewall gets scanned 100's, maybe 1000's of times a week. For the most
    part we just ignore the scans/attacks, we review the logs, etc. Does anyone
    ever respond? Are there tools, or better yet is there is any benefit to
    responding to unsolicted traffic?

    I am curious to hear your opinions on this.

    BV.
    Benign Vanilla, Nov 4, 2004
    #1
    1. Advertising

  2. Benign Vanilla

    Bit Twister Guest

    On Thu, 4 Nov 2004 13:44:35 -0500, Benign Vanilla wrote:
    > My firewall gets scanned 100's, maybe 1000's of times a week. For the most
    > part we just ignore the scans/attacks, we review the logs, etc. Does anyone
    > ever respond? Are there tools, or better yet is there is any benefit to
    > responding to unsolicted traffic?


    For me, I'll report scans from commercial sites to them
    suggesting they are cracked. Then again I have time to waste.

    > I am curious to hear your opinions on this.


    For the rest, large port scans from single ip go to isp,
    very common ports are in a blacklist to be dropped and not logged.
    Bit Twister, Nov 4, 2004
    #2
    1. Advertising

  3. "Bit Twister" <> wrote in message
    news:...
    > On Thu, 4 Nov 2004 13:44:35 -0500, Benign Vanilla wrote:
    > > My firewall gets scanned 100's, maybe 1000's of times a week. For the

    most
    > > part we just ignore the scans/attacks, we review the logs, etc. Does

    anyone
    > > ever respond? Are there tools, or better yet is there is any benefit to
    > > responding to unsolicted traffic?

    >
    > For me, I'll report scans from commercial sites to them
    > suggesting they are cracked. Then again I have time to waste.
    >
    > > I am curious to hear your opinions on this.

    >
    > For the rest, large port scans from single ip go to isp,
    > very common ports are in a blacklist to be dropped and not logged.


    I want to make sure I understand. For example, port 80. You just drop all
    traffic and don't even both logging it?

    BV.
    Benign Vanilla, Nov 4, 2004
    #3
  4. Benign Vanilla

    Jim Watt Guest

    On Thu, 4 Nov 2004 13:44:35 -0500, "Benign Vanilla"
    <> wrote:

    > is there is any benefit to
    >responding to unsolicted traffic?


    no. Why be part of the problem
    of congestion?
    --
    Jim Watt
    http://www.gibnet.com
    Jim Watt, Nov 4, 2004
    #4
  5. "Jim Watt" <_way> wrote in message
    news:...
    > On Thu, 4 Nov 2004 13:44:35 -0500, "Benign Vanilla"
    > <> wrote:
    >
    > > is there is any benefit to
    > >responding to unsolicted traffic?

    >
    > no. Why be part of the problem
    > of congestion?


    True. Good point. I guess I am just frustrated with all of the traffic
    hitting my server. I was hoping to be enlightened to a way of responding
    that could potentially help.

    BV.
    Benign Vanilla, Nov 5, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Johan
    Replies:
    9
    Views:
    581
    Johan
    Jan 9, 2004
  2. TheCroW

    FF 1.06 stops responding sometimes

    TheCroW, Aug 1, 2005, in forum: Firefox
    Replies:
    19
    Views:
    815
    Vazilis
    Aug 8, 2005
  3. jack lift
    Replies:
    7
    Views:
    1,844
    Waterperson77
    Dec 9, 2003
  4. NewScanner
    Replies:
    9
    Views:
    943
    NewScanner
    Jan 16, 2007
  5. Replies:
    3
    Views:
    832
    Richard Karash
    Aug 9, 2008
Loading...

Share This Page