[119875] in North American Network Operators' Group
RE: port scanning from spoofed addresses
daemon@ATHENA.MIT.EDU (Matthew Huff)
Thu Dec 3 13:04:26 2009
From: Matthew Huff <mhuff@ox.com>
To: Charles Wyble <charles@thewybles.com>
Date: Thu, 3 Dec 2009 13:03:20 -0500
In-Reply-To: <68F8A2BA-0B32-440C-8E1F-296135860B70@thewybles.com>
Cc: " \(nanog@nanog.org\)" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
I'm not at all concerned about door-knob twisting or network scanning. What=
concerns me is that the source addresses are spoofed from our address rang=
e and that our upstream providers aren't willing to even look at the proble=
m.=20
----
Matthew Huff=A0=A0=A0=A0=A0=A0 | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com=A0 | Phone: 914-460-4039
aim: matthewbhuff=A0 | Fax:=A0=A0 914-460-4139
-----Original Message-----
From: Charles Wyble [mailto:charles@thewybles.com]=20
Sent: Thursday, December 03, 2009 1:01 PM
To: Matthew Huff
Cc: Florian Weimer; (nanog@nanog.org)
Subject: Re: port scanning from spoofed addresses
On Dec 3, 2009, at 9:53 AM, Matthew Huff wrote:
> The source address appears to be fixed as well as the source port (6666),=
scanning different destinations and ports.
>=20
>=20
Some script kiddies found nmap and decided to target you for some reason. I=
t happens. It's annoying.=20
