Procmail Vulnerabilities check
Kurt Jaeger
lists at opsec.eu
Tue Dec 12 08:23:57 UTC 2017
Hi!
> > With transparency, I mean:
> > - reverse dns is set
> > - scan from the same IP all the time
> They don't. For the sake of argument, I'll name showdan; they use (off
> the top of my head) some 9 to 12 addresses. Addresses the move, also. :(
If their IPs are published somewhere in a parseable format,
I'm fine if it's multiple IPs or if they move etc.
> > https://github.com/TLS-Check/tls-check
> I respectfully agree to disagree with you on this. Mostly on one point;
> I should be informed *prior* to the port scan/audit, not *after*.
What type of announcement on what list/forum/irc-channel would you
accept/monitor/etc ?
Would it be sufficient, if the PTR record has some TXT that points
to the official site with the details of the scan ? So that
during incoming scans you can automatically look up the source
of the scan ?
That would differentiate a research scan from an attack scan, wouldn't it ?
Given that most attackers scan unannounced, and systems have to handle
that case, I do not see the problem in scans being done unannounced, btw.
--
pi at opsec.eu +49 171 3101372 3 years to go !
More information about the freebsd-ports
mailing list