| View previous topic :: View next topic |
| Author |
Message |
guero61
l33t
Joined: 14 Oct 2002
Posts: 811
Location: Behind you
|
 Posted: Tue May 11, 2004 3:22 am Post subject: Scanners and such |
 |
|
| How do you guys find yourselves dealing with people who portscan you? Do you just leave them be, or fire back? I just found a couple of guys on my DSL leg that have been trying to scan through my dual-layer firewall (hardware _and_ hardened linux), so I just blasted them with a syn scan apiece and a 5-second ping flood. What would you have done? |
|
| Back to top |
|
 |
kpack
Tux's lil' helper
Joined: 29 Mar 2004
Posts: 137
|
| Posted: Tue May 11, 2004 12:09 pm Post subject: |
|
|
I just ignore them.
It seems like most port scans are from zombied windows machines whose owners, if stupid enough to get infected in the first place, won't notice your retaliatory scan. You can contact their ISP (abuse@...), but you won't get a thank you note or anything. |
|
| Back to top |
|
|
guero61
l33t
Joined: 14 Oct 2002
Posts: 811
Location: Behind you
|
| Posted: Tue May 11, 2004 11:37 pm Post subject: |
|
|
That's what I've found out. I guess the new knowledge of setting up logging on my hardware firewall just showed me how much it really stops.
Sure enough, the machine that keeps scanning me seems to be a zombie - it's got several trojan ports open (including BO) and doesn't seem to be doing intelligent scanning - just keeps tapping the same ports in the same patterns, over and over. I'd take advantage of the 0wnership and shut down the zombie stuff, but then I'd be little better than the guy who's 0wning it anyway. Even if I was successful and got away cleanly, I may start a petty war with some script kiddie who would take my action as a personal affront. *sigh*, we'll always have the lugnuts in the world.
I'm completely stealthed right now, so I guess it really doesn't matter. |
|
| Back to top |
|
|
|
Networking & Security
