From owner-freebsd-security Mon Mar 6 5:59:26 2000 Delivered-To: freebsd-security@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id 022EC37BD09 for ; Mon, 6 Mar 2000 05:59:18 -0800 (PST) (envelope-from Cy.Schubert@uumail.gov.bc.ca) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id FAA19429; Mon, 6 Mar 2000 05:59:00 -0800 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda19425; Mon Mar 6 05:58:41 2000 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.9.3/8.9.1) id FAA40528; Mon, 6 Mar 2000 05:58:40 -0800 (PST) Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdE40526; Mon Mar 6 05:57:47 2000 Received: (from uucp@localhost) by cwsys.cwsent.com (8.9.3/8.9.1) id FAA07010; Mon, 6 Mar 2000 05:57:46 -0800 (PST) Message-Id: <200003061357.FAA07010@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdFw7006; Mon Mar 6 05:57:11 2000 X-Mailer: exmh version 2.1.1 10/15/1999 To: "Matthew McGehrin" Cc: freebsd-security@FreeBSD.ORG, cy@cwsys.cwsent.com Subject: Re: (Fwd) Re: @Home Server Scanner? In-Reply-To: Message from "Matthew McGehrin" of "Mon, 06 Mar 2000 01:25:21 EST." <20000306062523.819FF10F51@mail.reverse.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 06 Mar 2000 05:57:11 -0800 From: Cy Schubert Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <20000306062523.819FF10F51@mail.reverse.net>, "Matthew McGehrin" wri tes: > On 2 Mar 00, at 7:39, Cy Schubert - ITSD Open Syste wrote: > > > In message <20000301113847.B37590@cc942873-a.ewndsr1.nj.home.com>, > > "Crist J. Cl > > ark" writes: > > > I appear to be scanned regularly by an @Home host, > > > > > > Name: ops-scan.home.net > > > Address: 24.0.94.130 > > with "unsubscribe freebsd-security" in the body of the message > > So deny the host in the access rules, and you never need to worry > about @home looking for services ;) Well duh. Actually doing just that, blocking just their scans, might violate your agreement with your cable company. I don't know about your agreement but mine specifically states that I cannot run any services. Failure to do so would mean revocation of service. Since I have no need to offer any services to the Internet, as I use my @home connection to VPN to work, I block all incoming traffic, then use a couple of tools including Swatch 3. Swatch 3 which prints violations in various colours. ops-scan.home.net is not a serious violator so I print them out in blue, accidental violations, e.g. from work via VPN are in black or white depending on the terminal, or just ignored, and violations I should concern myself with are in red. Messages in my logs that I consider priority one are red reverse video -- very noticiable. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/DEC Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC "COBOL IS A WASTE OF CARDS." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message