[32542] in North American Network Operators' Group
Re: script kiddie probes
daemon@ATHENA.MIT.EDU (Daniel Senie)
Mon Nov 27 17:30:53 2000
Message-ID: <000901c058c1$6ac98ce0$0901a8c0@local.senie.com>
From: "Daniel Senie" <dts@senie.com>
To: "Matt Levine" <mlevine@efront.com>, <nanog@merit.edu>
Date: Mon, 27 Nov 2000 17:28:50 -0500
MIME-Version: 1.0
Content-Type: text/plain;
charset="x-user-defined"
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
>From: Matt Levine <mlevine@efront.com>
>To: <nanog@merit.edu>
>Sent: Monday, November 27, 2000 5:11 PM
>Subject: RE: script kiddie probes
>
> Am I the only one thinking that they should filter out certain boxes (ie:
> the box named security-scan.home.net)? .. I don't think it's going to be
> incredibly malicious unless you're a cable-modem customer..
And while they're at it, also remove RFC 1918 addreses, self-assign
addresses (169.254). I was underwhelmed when looking at their top 10 and
seeing such addresses listed.
