Re: Server Probing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



"Exact" is probably the wrong term, there's a difference between sitting on one's computer and sending a tcp packet to another computer than physically going on to one's property with the intention of looking for entry points. The former is something that I do out of interest, interest in finding out what a server on a network might be running, improve my networking skills, and so-forth, it might be, frankly, quite arbitrary deemed "really bad" by corporates that have left holes that clever crackers are able to exploit and steal stuff and sure, I am not advocating that and understand that it is theft and so-forth, but frankly, scanning a host is hardly a major criminal offence and it's an excessive use of legal power to assert that it is tantamount to some burglar trying to break in to a building or something.


On 02/01/2013 11:03 AM, Tom Burke wrote:
Unless you have permission, that's exactly what it is.  Why else would you
be rattling their firewall, except to probe their vulnerabilities?

And if you're probing their vulnerabilities without permission, then why
are you doing it?

IIRC, there is, in fact, legal precedence on this, too.

On a related note, I used to drop *.apnic.* into my filters, and that got
rid of over 80% of the door rattling.

Of course, it pretty much blocked everyone in China, Japan, New Zealand,
Australia, and so on..

On Thu, Jan 31, 2013 at 4:43 PM, geofrey rainey <
geofrey.rainey@xxxxxxxxxxxxxxxxxx> wrote:

I just don't think rattling locks and peeking in windows is analogous to
sending a few tcp packets to a server on the internet really.

On 02/01/2013 01:20 AM, Tom Curl wrote:

Unless you have permission from the owner of the server, you should be
banned. Gee, I just think I'll rattle the locks on your doors and peak
through your windows just to see what you are doing Geofrey.



On Thu, 2013-01-31 at 10:13 +1300, geofrey rainey wrote:

I don't think i'd advise permanently blocking IP's - sometimes I nmap an
IP just because I am interested to see what's running or whatever but
wouldn't expect to be "banned" for doing this...


On 01/30/2013 06:56 PM, AMDPaulius Paulius wrote:

Yeah, even my small home server which is not advertised anywhere gets
scanned daily. They are always trying to brute force into FTP, or SSH. I
use iptables to block those IPs completely.

On Wed, Jan 30, 2013 at 1:46 AM, Florez, Nestor <NFlorez@xxxxxxxxx>
wrote:

  THANKS!!!
Né§t☼r


-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx [mailto:
redhat-list-bounces@xxxxxxxxxx**] On Behalf Of m.roth@xxxxxxxxx
Sent: Tuesday, January 29, 2013 2:30 PM
To: General Red Hat Linux discussion list
Subject: RE: Server Probing

Florez, Nestor wrote:

[mailto:redhat-list-bounces@**redhat.com<redhat-list-bounces@xxxxxxxxxx>]
On Behalf Of Florez, Nestor

  I will take a look at fail2ban
You guys mentioned fail2ban, Does redhat has it available? Where?

epel.

           mark

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@**redhat.com<redhat-list-request@xxxxxxxxxx>
?subject=unsubscribe
https://www.redhat.com/**mailman/listinfo/redhat-list<https://www.redhat.com/mailman/listinfo/redhat-list>


--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@**redhat.com<redhat-list-request@xxxxxxxxxx>
?subject=unsubscribe
https://www.redhat.com/**mailman/listinfo/redhat-list<https://www.redhat.com/mailman/listinfo/redhat-list>

  --
redhat-list mailing list
unsubscribe mailto:redhat-list-request@**redhat.com<redhat-list-request@xxxxxxxxxx>
?subject=unsubscribe
https://www.redhat.com/**mailman/listinfo/redhat-list<https://www.redhat.com/mailman/listinfo/redhat-list>


--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@**redhat.com<redhat-list-request@xxxxxxxxxx>
?subject=unsubscribe
https://www.redhat.com/**mailman/listinfo/redhat-list<https://www.redhat.com/mailman/listinfo/redhat-list>

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux