RE: port scan detected

• From: Adam Baggett <abaggett@xxxxxxxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 19 Aug 2003 12:51:56 -0500

We had a period where we were getting scanned and our ISP called the people
in China and told them to stop..... LOL Its all depends the security you
have set up on that server...

-----Original Message-----
From: Rogers, Brian [mailto:RogersB@xxxxxxxxxxxxxx]
Sent: Tuesday, August 19, 2003 12:37 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: port scan detected


http://www.ISAserver.org



I do that for some of the attacks (ones that last for long periods of
time..or scan over and over).  I configured my alert to only send me an
email if the event happens 25 times....I don't have time to deal with every
little kiddie who got a copy of ogre or whatever else.

 

It was just odd to see the ISA server report a scan on itself.

 

 

-----Original Message-----
From: Adam Baggett [mailto:abaggett@xxxxxxxxxxxx] 
Sent: Tuesday, August 19, 2003 12:34 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: port scan detected

 

http://www.ISAserver.org

Contact the company and tell them that some one is illegally scanning your
network, give them the IP's and tell them to stop. (in the nicest way).....

-----Original Message-----
From: Dan Gabbard [mailto:intellihome@xxxxxxxxxxx]
Sent: Tuesday, August 19, 2003 11:31 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] port scan detected

http://www.ISAserver.org

I have been getting scanned from several IP addresses that belong to C2
Media Ltd for the last three or four days. It doesn't seem to be causing any
problems but I'm curious to know what others do when they are being scanned
by the same address block. The address range is from 66.220.17.46 to
66.220.17.55. I searched for info on C2 Media Ltd and they are a
pay-per-click ad service that seems to be despised by everyone that has come
across them. This tells me writing them to complain would be a waste of
time.

 

Any suggestions on how to handle this would be great. Or should I just not
worry about it?

 

Thanks,

 

 

      Dan

 

 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
abaggett@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
rogersb@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
abaggett@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub') 

Other related posts:

• » port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected
• » RE: port scan detected

1. Home
2. isalist
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---