[Dshield] It didn't take long!

Chris Brenton cbrenton at chrisbrenton.org
Tue Jan 27 14:56:04 GMT 2004


On Tue, 2004-01-27 at 08:26, mokum wrote:
> David Hart wrote:
> 
> >I have a new static IP that, supposedly, has not been used for some
> >period of time. Within one hour of activation, I'm seeing the usual
> >array of pop-up and hack attempts.
> >
> Do not flatter yourself [or your ip address]: 99.99 procent of what you 
> will ever see on 'your' ip address is not directed at -you- but just at 
> an address of a  'randomly' generated ip range.

Ummm... I can't speak for David, but I think that was the point. Its an
IP address that's just been enabled and its already getting slammed by
all the script kiddie noise. I doubt he feels he's being targets
specifically, at least I don't remember him ever mentioning his tin foil
hat. ;-)

> You are not telling me 
> that you actually thought that an 'not been used' ip address is not 
> being addressed by all those lame worms and scanners, now are you?

Again, I read this as David saying the complete opposite. The comment
speaks specifically to the large number of random probes. If its an
unused IP, no one should be targeting it specifically, so anything he is
already seeing must be noise.

C





More information about the list mailing list