Fairly rude surprise in logs this AM -- possible DoS attempt?
Alvin Oga
alvin at Mail.Linux-Consulting.com
Tue Jan 20 07:25:54 PST 2004
hi ya david
On Tue, 20 Jan 2004, David Wolfskill wrote:
> So -- I received an explanation for the portscanning I mentioned here:
if you didn't send the initial (complaint) mail to them ( zonnet.nl ),
than they should not have been scanning you in the first place
if they scanned first, their explanation doesnt fly ...
it's odd that they scan the sender of emails ...
what would be the point ?
- are they collecting a list of open proxy ???
- why not make that "list of daily thousands of open proxy"
available so that we all can use it as an rbl, since they've
already verified its an open proxy and they received "spam"
c ya
alvin
> >Date: Tue, 20 Jan 2004 09:40:00 +0100
> >From: "Richard Zuidhof \(ZON\)" <richard at zonnet.nl>
> >To: abuse at catwhisker.org
> >Subject: Re: Port scanning from 62.58.50.220 (dsbl.zonnet.nl)??!?
>
> >Your address was scanned to check if you have an open proxy. Because we
> >experience a incredible lot of spam from dsl and cable connections that
> >have open proxies we do a single test on each one that sends us mail. In
> >that way we find thousands of new open proxies every day.
>
> >Because your address has a reverse name that contains 'dsl'
> >(adsl-63-193-123-122.dsl.snfc21.pacbell.net) you were scanned. Sorry for
> >the inconvenience.
>
> >....
>
> So, no harm done. It just caught me off-guard, to an extent.
More information about the Baylisa
mailing list