mimics_cloneHOTMAIL.COM

• Next message: John Kristoff: "[Fwd: ssh-research-scanner.ucs.ualberta.ca]"
• Previous message: Alexander Schreiber: "Re: Sudden increase in scans."
• Maybe in reply to: John Kristoff: "Automated SSH scanning"
• Next in thread: David Goldsmith: "Re: Automated SSH scanning"
• Maybe reply: Mimic Doppelganger: "Re: Automated SSH scanning"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

What differentiates a hostile scan from an unwelcome benign scan? Does the
fact that an operator has the balls to put up a web-site, admitting that (he
|| she || it) is allegedly scanning random ip addresses for commercial
and/or academic reasons, mitigate the operator's behavior? Do not take this
as an accusation of wrong doing or dark motives -- it is just difficult to
separate these actions from the behavior of JQ Cracker.

A

Date: Mon, 24 Jul 2000 19:06:48 -0500
From: John Kristoff <jtkDEPAUL.EDU>
Reply-To: jtkaharp.is-net.depaul.edu
To: INCIDENTSSECURITYFOCUS.COM
Subject: Automated SSH scanning

Saw some SSH probes today, which frightened me somewhat. It turns out
to be survey profiling device. This machine (the source of the probes),
offer's some brief details:

http://ssh-research-scanner.ucs.ualberta.ca/

Although it would be nice if *they* filtered the netblocks people didn't
want scanned rather than placing the burden on the sites they are scanning.

John
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

• Next message: John Kristoff: "[Fwd: ssh-research-scanner.ucs.ualberta.ca]"
• Previous message: Alexander Schreiber: "Re: Sudden increase in scans."
• Maybe in reply to: John Kristoff: "Automated SSH scanning"
• Next in thread: David Goldsmith: "Re: Automated SSH scanning"
• Maybe reply: Mimic Doppelganger: "Re: Automated SSH scanning"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]