[PLUG] nmap, curiosity, and courtesy
Keith Lofstrom
keithl at kl-ic.com
Fri Sep 17 07:36:01 PDT 2004
The attempted ssh breakins that show up in my logs are getting lengthier
if not any more successful. I am curious about the machines that are
launching the attacks. I can do DNS lookups on them, of course, but I
am curious about flavor of Linux they are using, etc. Among other things,
this comes in handy when I am advising others about more vs. less secure
versions of Linux.
I can run nmap against the offending machines, and find out more about
them, but this seems impolite (Mom said "two wrongs do not make a
right"), and possibly a source of trouble. What are the opinions here?
Also, assuming the offender and their ISP do not give a rip, is there
any other organization that should be informed of the troublesome IP
addresses?
Keith
--
Keith Lofstrom keithl at keithl.com Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
More information about the PLUG
mailing list