|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Interesting reply
From: H Carvey (keydet89
YAHOO.COM)Date: Thu Oct 12 2000 - 15:33:50 CDT
- Next message: mamo: "ksyslogd"
- Previous message: Runar Jensen: "Re: Compromised NT box, sniffer and possible backdoor"
- Next in thread: Keith Pachulski: "Re: Interesting reply"
- Maybe reply: H Carvey: "Re: Interesting reply"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I'd be very interested to hear some specifics
regarding the type of traffic that indicates that the
scanning system has been compromised, and how this
traffic might differ from traffic "seen" from a
malicioius user.
I still don't see how anyone can say "most" or "almost
all" without any hard info.
Carv
--- Gary Flynn <flynngnJMU.EDU> wrote:
> "Forrester, Mike" wrote:
> >
> > From my experience (I work for a broadband ISP),
> most of our problems with
> > people scanning is from a compromised system. No,
> I don't have exact
> > numbers, but MOST is about right. ;)
>
> Mike,
>
> How do you determine if the box used for scanning is
> compromised? Do you take
> the owner's word? How about other ISPs listening
> here?
>
> --
> Gary Flynn
> Security Engineer - Technical Services
> James Madison University
>
> Please RUNSAFE
>
http://www.jmu.edu/computing/info-security/engineering/protecting_yourself.htm
__________________________________________________
Do You Yahoo!?
Get Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/
- Next message: mamo: "ksyslogd"
- Previous message: Runar Jensen: "Re: Compromised NT box, sniffer and possible backdoor"
- Next in thread: Keith Pachulski: "Re: Interesting reply"
- Maybe reply: H Carvey: "Re: Interesting reply"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]