Date: Fri, 15 Dec 2000 03:32:51 +0200 (IST) From: Roman Shterenzon <roman@xpert.com> To: Mikhail Kruk <meshko@cs.brandeis.edu> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: mindspring complains about intrusive port scans Message-ID: <Pine.LNX.4.30.0012150331500.30888-100000@jamus.xpert.com> In-Reply-To: <Pine.LNX.4.30.0012142024000.31307-100000@daedalus.cs.brandeis.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Seems like traceroute to me, and I don't see anything violative here. They're just not used to udp traceroute I guess. Windows uses icmp traceroutes. On Thu, 14 Dec 2000, Mikhail Kruk wrote: > Hi > I got the following message from my DSL provider. > I think that the logs they show are caused by me running ping and > traceroute on some host on their network. (note that I've substituted my > ip by xxx.xxx.xxx.xxx in the logs just in case) > > So my questions are: > a) is there any chance that I'm wrong and this log is not caused by > ping/traceroute? > b) can they accuse me of violating anything because I run traceroute? > Sounds like bs to me... > > included message: > > >From abuse@mindspring.net Thu Dec 14 20:23:57 2000 > Date: Thu, 14 Dec 2000 17:27:13 -0500 (EST) > From: abuse@mindspring.net > To: bkruk@ix.netcom.com > Subject: Issue 001214-18234395 > > Hello, > > We have recently received a complaint of intrusive port scans. Upon > investigating, we have determined that this alleged abuse is originating > from your account. In a case like this, we like to let you know about the > report, so that you may take a moment to review our policies regarding > network unfriendly activity and netiquette. It is our hope that by > notifying you of the report, we are helping to avoid any further incidents > of this nature. > > Please view our appropriate use policy, it is available at: > > http://www.mindspring.net/aboutms/policy.html > > Pay particular attention to the following section: > > "Privacy violations: > Attempts, whether successful or unsuccessful, to gain access to any > electronic systems, networks or data, without proper consent, are > prohibited." > > These types of cases are often escalated by some sort of misunderstanding, > by keeping us informed, you will be helping us avoid that. > > Regards, > > Erich Hablutzel > > EarthLink/MindSpring AUP Abuse Investigator > > ----------------------------------------------------------------------------- > > portion of logs detailing incident: > > > FWIN,2000/12/11,18:39:54 +10:00 > GMT,xxx.xxx.xxx.xxx:0,203.164.30.182:0,ICMP > > FWIN,2000/12/11,18:40:16 +10:00 > GMT,xxx.xxx.xxx.xxx:41374,203.164.30.182:33489,UDP > > FWIN,2000/12/11,18:40:20 +10:00 > GMT,xxx.xxx.xxx.xxx:41374,203.164.30.182:33490,UDP > > WIN,2000/12/11,18:40:26 +10:00 > GMT,xxx.xxx.xxx.xxx:41374,203.164.30.182:33491,UDP > ----------------------------------------------------------------------------- > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > --Roman Shterenzon, UNIX System Administrator and Consultant [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.30.0012150331500.30888-100000>