Today on Internet Storm Center there was a headline about
time warner security scans that was posted about 2 days ago
by someone who discovered the security scans from TW RR.
We discussed that here weeks ago. They basically are looking
for smtp relays as well as open webserver, ftp ports etc. I think
I was the one who first discovered, and posted it here.
Any time you send mail INTO the TW net, and are part of that net,
you make yourself eligible for a 1x/day scan which can be opted out
if you agree to not send mail into the TW mail system. The other
scans, for 21,23,25,80, 8080 etc and a few others cannot be
opted out of by a TW s*bscr*ber. (am redacting this from memory)
Along those lines, atstake released a paper last week about
padding of icmp data replys with random data read from
memory, something else I found back in August and which
others have known about for years, in some cases. However
they have just discovered it.
-----------------------
Bob Foxworth
Tampa, Florida
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 13:45:42 EDT