It's been happening for over 2 years now on pandora.be, a belgian cable provider... We are not allowed to run any server applications (ie. apache, mail, ftp...) So they portscan every ip a few times a day, my logs are always cluttered. Oh, did i forget to mention we are limited by amount of traffic a month, and those portscans are happily eating 3megs a day. :( Just had to add that. Luc Somers -----Original Message----- From: Mally Mclane [mailto:mallyat_private] Sent: Tuesday, April 22, 2003 4:40 PM To: Rob Shein; 'Hoof Hearted'; incidentsat_private Subject: RE: SMTP Scans Hi, --On Monday, April 21, 2003 6:50 PM -0400 Rob Shein <shotenat_private> wrote: > For the last few months our ISP (BT) has apparently been scanning our > mail servers for open relays, this is happening up to > 12 times a day across both Primary & Secondary mail servers. I don't condone this, but this is fairly common practice amongst UK ISPs. Regards, Mally Mclane RIPE NCC - Operations ---------------------------------------------------------------------------- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-incidents ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-incidents ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Apr 23 2003 - 07:13:50 PDT