Re: OT: ethics
- In general this is a bad idea and you should stop doing it
immediately. In the best case it would be seen by the other side as
an attack on them from you. In the worst case they might retaliate
even more against you with some other kind of attack. Considering
that over 80% of spam is now sent by botnets
you'd be scanning infected machines and not learning anything about
anyone other than a home user's ISP, and risking that ISP from
reporting YOU as an attacker to your ISP.
The best thing you could do (and even this will have marginal success)
is to report the IP to the ISP that owns the address you received the
spam from. They might be able to take that system offline.
Otherwise, just block the suckers and move on. You probably have
better things to do with your time.
On Wed, Jul 1, 2009 at 3:37 PM, ghe<ghe@...> wrote:
> Wietse says something like "Spam is war -- RFCs don't apply." OK, but how
> about nmap ethics?
> I've started hitting spam IPs and their nets with nmap to find out who they
> are and maybe a little of what they're up to (and using the info to decide
> if the net belongs in my packet filter). What's the opinion of the list? Is
> this OK, or just plain rude?
> Glenn English
- On 7/1/09 1:49 PM, Brian Mathis wrote:
> Otherwise, just block the suckers and move on. You probably haveGood point, well taken. Thank you all.
> better things to do with your time.
- On Wed, July 1, 2009 22:01, ghe wrote:
> Good point, well taken. Thank you all.http://www.spamhaus.org/drop/index.lasso drop this in firewall
and let fail2ban do the rest