[AusNOG] SIP Portscanning from AS8075
Paul Wilkins
paulwilkins369 at gmail.com
Sun Mar 6 17:51:06 EST 2016
Policing port scanning is a bit like "broken windows" policing. Port
scanning is not, of itself, a crime. It is however indicative of other
activities that would be criminal. The wider issue is the relative threat
of port scanning. If they're flipping your IDS's, chances are they're
amateurs and your valuable security resources could be better deployed
(which is why no one's interested).
Kind regards
Paul Wilkins
On 6 March 2016 at 16:29, Roland Dobbins <rdobbins at arbor.net> wrote:
> On 6 Mar 2016, at 11:03, Sean Finn wrote:
>
> You have some IP's in this range port scanning for open SIP servers across
>> NSWIX to a fair few endpoints.
>>
>
> Is the port-scanning aggressive enough to cause availability issues?
>
> -----------------------------------
> Roland Dobbins <rdobbins at arbor.net>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160306/3bb56e5c/attachment.html>
More information about the AusNOG
mailing list