CF: port scan

To: Crossfire Mailing List <crossfire@ifi.uio.no>
Subject: CF: port scan
From: Robert Brockway <robert@blake.humbug.org.au>
Date: Wed, 21 Jul 1999 11:20:53 +1000 (EST)
Sender: owner-crossfire@ifi.uio.no

Hi all.  This is off topic but appropriate for the list imho.

Someone just port scanned my box very badly.  I believe it was someone may
play crossfire, and may even be on this list

I know this as their are a series of accesses to the crossfire port from a
certain IP (195.110.116.45) and soon after one of my boxen was subjected
to 2-3 minutes of strobbing from the same IP.

I've reported this incident to the person's ISP (dada.it) as a port scan
of this magnitude leads me to believe the person was looking for an
exploit.  It is unfortunate to think that the list might contain someone
like this.

I urge all admins to be on the look out.  It might be worth looking at
blocking all of dada.it for the time being as I believe the box is a
dialup box.

Sorry for the off topic message but these sorts of things concern me
greatly.

To the culprit - if this was just some sort of investigation of the
Internet, get the permission of the admin of the box before launching a
strobe or similar tool.  Long gone are the days when the Internet was a
friendly place where attacks were rare.
Cheers,
	-Robert

--Robert Brockway B.Sc.  Email: robert@blake.humbug.org.au
                                robert.brockway@uq.net.au
			 WWW:   http://www.oc.humbug.org.au/~robert
			 Founder of HUMBUG (http://www.humbug.org.au)

-
[you can put yourself on the announcement list only or unsubscribe altogether
by sending an email stating your wishes to crossfire-request@ifi.uio.no]

Prev by Date: Re: CF: crossfire design
Next by Date: Re: CF: crossfire design
Prev by thread: Re: CF: Wrong coordinates for house of healing
Next by thread: CF: alchemy
Index(es):
- Date
- Thread