scans

[shadowmaker]

While sitting here reading post i saw about 5 scans in a row for sub 7. Now this is not uncommon i understand but these people were from everywhere. aol, comcast, epoch all over. how many of you have had this happen to you? normally i just net send them if they are on 2k and be on my way (since most people freak when they see the net send window just popup there with a message of "don't scan me for sub 7, and watch who ya scan before they come get you) or something like that. my question is what do you think would be an approriate action against this? think i am to soft or what?

the reason i am asking is 3-4 of the same people keep scanning my ports even after i have warned them several times. and since isp reporting is a joke i want to get some ideas. keep in mind i am not a novice or a kiddie here. so you don't have to break it down unless you want to.

[jehnx]

Nah, ISP reporting can be useful dude. I've gotten, in just the past two months, four different guys kicked off for not leaving me the heck alone. It works, you just need proof, which is why you should set your firewall to log all violations and attempted violations, then send this, along with your complaint, to the ISP.

[{P²P}Apocalypse]

ISP reporting does work if you talk to the right person. The general office people are no help. For instance. I recently had a KiDDiE on Shaw Cable in Canada scaning me constantly. He tried a DOS attack and several other over the counter tools. I just sat and watched him and laughed. Well, after he kept this up for three days, i got pissed. So the next time he made and attempt (naturaly I saved the logs of the other attempts he made) I logged it and called his ISP while he was doing his thing. I got some idiot at the ISP that said for me to send an email to abuse. I refused to accept that. So I got technical with them. You know, if you can't dazzle them with brilliance, then baffle them with bullshi#%. So he had no idea what I was talking about and transfered me to IT. So anyway I got to talk to one of the network engineers. So he went to his terminal and watched this kid too. He put me on hold for about 20 minutes. When he came back the attack had stopped. He called the subscriber, killed the account and the connection. LOL Turns out it was a 13 year old playing on his dads office computer. So needless to say. It helps to call the ISP if you can talk to someone in IT.

[BERBURT]

this really helps thanx guys

[iNViCTuS]

My personal opinon is who cares if someone scans me for sub7 or for anything for that matter, there are too many people doing it to stop them all, and it is not worth my time to try. I know my systems are secured, and besides, if someone wants to take my CounterStrike maps or the library of technical documents I have, who really cares.

This won't happen anyway unless they can get past 3 firewalls, and Snort.