[AusNOG] SIP Portscanning from AS8075

Paul Wilkins paulwilkins369 at gmail.com
Sun Mar 6 17:51:06 EST 2016


Policing port scanning is a bit like "broken windows" policing. Port
scanning is not, of itself, a crime. It is however indicative of other
activities that would be criminal. The wider issue is the relative threat
of port scanning. If they're flipping your IDS's, chances are they're
amateurs and your valuable security resources could be better deployed
(which is why no one's interested).

Kind regards

Paul Wilkins

On 6 March 2016 at 16:29, Roland Dobbins <rdobbins at arbor.net> wrote:

> On 6 Mar 2016, at 11:03, Sean Finn wrote:
>
> You have some IP's in this range port scanning for open SIP servers across
>> NSWIX to a fair few endpoints.
>>
>
> Is the port-scanning aggressive enough to cause availability issues?
>
> -----------------------------------
> Roland Dobbins <rdobbins at arbor.net>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160306/3bb56e5c/attachment.html>


More information about the AusNOG mailing list