Portscans are definitely less of a privacy issue than the idea that they
are doing packet sniffing.

"Shawn T. Rutledge" wrote:
> 
> On Fri, Mar 10, 2000 at 09:43:40AM -0700, sinck@corp.quepasa.com wrote:
> > And, in the FWIW department, I think 24.0.0.0/8 will block more than
> > @home, which the last report on PLUG I saw was only 24.1.x.x -
> > 24.14.x.x .
> 
> Yeah it also blocks speedchoice, maybe others.  But the trouble is I've
> never seen a definitive answer on what their subnet really is.  This guy
> got scanned from a 24.0 address so evidently it goes beyond 24.1 - 24.14.
> >
> > \_ Actually, they may wise up and start running those scans from a
> > \_ nameserver.  (It's what I would do.)  Then you would have to allow DNS
> > \_ through while blocking all other ports from that IP, instead of blanket
> > \_ denying the IP.
> >
> > What I'm more concerened with is if they don't scan from 24.x.....
> 
> Yep.  I would hope they don't get that paranoid.  Anyway there's still
> nothing I could do AFAIK to prevent a passive detection method (if they
> simply snoop all the packets and look for tcp packets going through to
> port 80 and getting a reply).  But when I was on the unix@home mailing
> list (now defunct AFAICT) there were a lot of people reporting that they
> got portscanned.  So I think that is their usual detection method.
> 
> --
>   _______                                     http://www.bigfoot.com/~ecloud
>  (_  | |_)  ecloud@bigfoot.com   finger rutledge@cx47646-a.phnx1.az.home.com
>  __) | | \__________________________________________________________________
>  Get money for spare CPU cycles at http://www.ProcessTree.com/?sponsor=5903
> 
> _______________________________________________
> Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

-- 
Digital Wokan
Tribal mage of the electronics age
Guerilla Linux Warrior