From owner-freebsd-security Mon Jan 1 15:29:35 2001 From owner-freebsd-security@FreeBSD.ORG Mon Jan 1 15:29:32 2001 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.colltech.com (ausproxy.colltech.com [208.229.236.19]) by hub.freebsd.org (Postfix) with ESMTP id 9E45D37B400; Mon, 1 Jan 2001 15:29:31 -0800 (PST) Received: from mail2.colltech.com (mail2.colltech.com [208.229.236.41]) by mx1.colltech.com (8.9.3/8.9.3/not) with ESMTP id RAA12070; Mon, 1 Jan 2001 17:29:25 -0600 Received: from colltech.com (ha59s140.d.shentel.net [204.111.59.140]) by mail2.colltech.com (8.9.3/8.9.3/not) with ESMTP id RAA12946; Mon, 1 Jan 2001 17:29:23 -0600 Message-ID: <3A511471.5DE87129@colltech.com> Date: Mon, 01 Jan 2001 18:36:17 -0500 From: Daniel Hagan X-Mailer: Mozilla 4.61 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Kris Kennaway Cc: Mikhail Kruk , "freebsd-security@freebsd.org" Subject: Re: Large scan activity References: <20001230091022.A29983@citusc.usc.edu> <20001230200855.B936@citusc.usc.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Also, see http://www.sans.org/giac.html for the GIAC (Global Incident Analysis Center?). They do semi-realtime tracking of port-scan activity based on volunteer reports of activity. They can also help get "interesting" logs analyzed. Daniel Kris Kennaway wrote: > > On Sat, Dec 30, 2000 at 12:44:41PM -0500, Mikhail Kruk wrote: > > BTW, I wanted to ask for some time now, is it a good idea to report the > > scans when I see them or it's a waste of time? > > Port scan reports are probably off-topic for this list. However you > might be interested in the 'incidents' mailing list hosted by > securityfocus.com which is for discussion of security incidents such > as probing and break-ins. > > Kris > > ------------------------------------------------------------------------ > Part 1.2Type: application/pgp-signature To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message