TIP: Click on subject to list as thread! ANSI
echo: alt-comp-anti-virus
to: ALL
from: THANE
date: 2015-01-17 01:18:00
subject: Re: The number of entitie
On Sat, 17 Jan 2015 13:08:16 -0500, Virus Guy wrote:

> This is what passes for computer science education and research these
> days.  I bet this scanning is happening from every university and
> college with a technical or comp-sci school.
> 
> complete bull####.
> 
> What a waste of bandwidth.
> 
> This IP hit me on ports 161, 53 and 1900.
> 
> You tell me why those ports.  What the hell was it expecting to get from
> ports 161 or 1900?
> 
> =================================================
> 
> 
> http://134.147.203.115/
> 
> -----------
> Welcome to the Amplification DDoS Tracker Project
> 
> Dear visitor,
> 
> You landed on this page most likely because you noticed that this
> particular host is scanning for UDP and TCP servers of many protocols.
> We, the Chair for System Security of the Ruhr University Bochum, Germany
> - intentionally run these scans to get an overview of servers that can
> be used for amplification in Distributed Denial of Service attacks.
> 
> For more information on our research, please have a look at our research
> results that we presented at the NDSS'14 conference in Feb '14.
> 
> We will present further research results at the USENIX Security '14
> conference and the USENIX Workshop on Offensive Technologies (WOOT'14)
> in Aug '14.
> 
> If our scans disturb you in any way, please feel free to send us a
> notice and we can exclude your netrange from our scans. However, please
> note that we share our scan results with CERTs worldwide. This helps to
> notify operators of insecure servers/hosts. Only if your netrange is not
> excluded from the scans you will be able to receive such notices.
> 
> Thank you for your understanding. In case you have any questions, please
> contact syssec+abuse [a_t] rub [dot] de
> 
> Our university's website: http://syssec.rub.de/

It's clear you don't understand the word *research*. The university 
announced it to answer this question. However, your solution is, as 
always - just block the IP address.

Thane

PS - I see you're still forging your posting address.
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.