[Dshield] Port 135

Lauro, John jlauro at umflint.edu
Wed Oct 16 17:32:24 GMT 2002


IANAL, but this is no different then a web server that you did not
advertise, that someone finds, and posts a link, which it found by a
search engine...  (Actually the search engine would more likely find
it directly, but let's say it doesn't).  

You left port 135 open, so you must want people to send messages to
it.  Otherwise, why didn't you close/block it?

Now if you can show that they intentionally hacked through your
firewall, and didn't just walk through because you left the door wide
open their might be a case.  However, I suspect that you received the
messages because you didn't close the door, much less lock it...

BTW: President has been set that port scans alone are not illegal, as
long as they are not at a level to be an intentional DOS attack.

> -----Original Message-----
> From: Kenton Smith [mailto:ksmith at chartwelltechnology.com]
> Sent: Wednesday, October 16, 2002 12:30 PM
> To: list at dshield.org
> Subject: RE: [Dshield] Port 135
> 
> This has got to be illegal. How can someone who is accessing your
internal
> network through your firewall, without getting prior permission, be
> operating within the law? I'm no lawyer, but someone who gets hit
should
> take the spammer and/or the software vendor to court.
> 
> Kenton Smith
> 
> -----Original Message-----
> From: list-admin at dshield.org [mailto:list-admin at dshield.org]On
Behalf Of
> Roger
> Sent: Tuesday, October 15, 2002 4:44 PM
> To: Dshield
> Subject: [Dshield] Port 135
> 
> Getting  suspicious hits on port 135?  This may explain it.  A new
breed
> of spam slam.
> 
> http://www.wired.com/news/technology/0,1282,55795,00.html
> 
> 
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
> http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list