[PLUG] nmap, curiosity, and courtesy

Keith Lofstrom keithl at kl-ic.com
Fri Sep 17 07:36:01 PDT 2004


The attempted ssh breakins that show up in my logs are getting lengthier
if not any more successful.  I am curious about the machines that are
launching the attacks.  I can do DNS lookups on them, of course, but I
am curious about flavor of Linux they are using, etc.  Among other things,
this comes in handy when I am advising others about more vs. less secure
versions of Linux.

I can run nmap against the offending machines, and find out more about
them, but this seems impolite (Mom said "two wrongs do not make a
right"),  and possibly a source of trouble.  What are the opinions here?

Also, assuming the offender and their ISP do not give a rip, is there
any other organization that should be informed of the troublesome IP
addresses?

Keith

-- 
Keith Lofstrom          keithl at keithl.com         Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs




More information about the PLUG mailing list