Scans were initiated by the site users. The free scanning service allows a test of the IP address the user came from, so it would be an end-user system, or the firewall in front of it, that was scanned. I have not picked systems to scan on my own. Only non-DoS safe Nessus checks were enabled. I'm sure IDSs will detect most of the Nessus scans, but they (the scans) should be harmless in most cases.

Alex.

-----Original Message-----
From: Kevin Hodle [mailto:kevinhat_private]
Sent: Monday, April 07, 2003 6:20 PM
To: Alex Zimin; pen-testat_private
Subject: RE: Top 10 vulnerabilities and open ports.

Just wondering how you selected the IP ranges you scanned in your 'survey'. A Nessus scan sets off a very nasty list of IDS signatures, and if a dedicated monitoring service (or a decent IDS analyst) was watching, your IP surely would have been reported to your ISP on more than one occasion. Since you were probably not authorized to be scanning these IPs, were you reprimanded at all?
This archive was generated by hypermail 2b30 : Tue Apr 08 2003 - 08:41:11 PDT