compromised host netiquette

To: tclug-list@mn-linux.org
Subject: compromised host netiquette
From: "Carl Wilhelm Soderstrom" <carls@agritech.com>
Date: Mon, 26 Jun 2000 11:39:43 -0500
Organization: Minnesota DHIA

	I seem to be getting portscans of my network from
166.49.72.158; which, when I nmap, shows up as
'live-split.wtn.rbn.com'. this seems to be one of Real Networks'
servers. 

what's the proper netiquette for alerting some host that they might
have been compromised?

Carl Soderstrom
_________________________________________
Systems Administrator    307 Brighton Ave. 
Minnesota DHIA	         Buffalo, MN	
carls@agritech.com       (763) 682-1091

Follow-Ups:
- Re: [TCLUG:19184] compromised host netiquette
  - From: Ben Kochie <ben@nerp.net>
- Re: [TCLUG:19184] compromised host netiquette
  - From: Mike Hicks <hick0088@tc.umn.edu>
- Re: [TCLUG:19184] compromised host netiquette
  - From: "Troy A. Johnson" <john1536@tc.umn.edu>

Prev by Date: Re: [TCLUG:19127] SSH Clients
Next by Date: Re: [TCLUG:19184] compromised host netiquette
Prev by thread: Re: [TCLUG:19127] SSH Clients
Next by thread: Re: [TCLUG:19184] compromised host netiquette
Index(es):
- Date
- Thread