[lug] @home and "the scan"
nealmcb at avaya.com
Mon Sep 4 21:54:02 MDT 2000
I get scanned by them every 6 hours, but only for the sandard nntp
port. They watch that one because they were threatened with the
Usenet Death Penalty back in January:
I have gotten them also from 18.104.22.168
Ipchains is great....
Aug 14 05:11:16 key kernel: Packet log: input DENY eth0 PROTO=6
22.214.171.124:38348 126.96.36.199:119 L=44 S=0x00 I=8655 F=0x0000 T=246 SYN (#9)
Once upon a time, Nate Duehr <nate at natetech.com> wrote:
> It's definitely not a myth. I've seen too many folks with similar
> stories as yours.
> Of course, an IPCHAINS rule to drop everything from 188.8.131.52 should
> take care of it. :)
> On Mon, Sep 04, 2000 at 09:19:28PM -0400, John Starkey wrote:
> > If any one remembers the thread regarding the @home scanning for services
> > myth....
> > I just found this in my logs in hosts.deny
> > 184.108.40.206.in-addr.arpa. 86400 IN PTR
> > authorized-scan.security.home.net.
> > John
More information about the LUG