[KLUG Members] Legal Liabilty?

[Bruce Smith]

> >Early this morning my Zone Alarm Firewall software started alerting me to
> >the fact that a particular IP was trying to access my system. Upon further
> >investigation I found that the IP in question was trying to access my PC
> >using Netbios. So I in turn scanned the ip using a basic NT net view \\[IP]
> >command.
> 
> Since they were only hitting your Netbios port it could be they simply
> foobarred a WINS or lmhosts entry and this was entirely inadvetant.

I get all kinds of records in my logs for the Netbios port.
I don't know if it's an attack, or a dumb windows machine/user.

> >My question is... Can I get busted for this ?
> 
> Theoretically, yes.  You didn't leave your name & number in the file I
> hope?  I'd imagine someone without a password on C$ was either doing the
> scan by accident or was a computer that had already been compromised.

Or maybe it was a honeypot, and now there are guys in black surburbans
outside your house with cameras and directional microphones?   ;->
Don't talk to anyone without the water running loud!!!   ;-)

> >I didn't appreciate my Firewall blowing up like crazy so I wanted to take
> >action.
> 
> Why?  That is what firewalls are for.  Mine picks up a port scan, etc...
> now and then.  Unless it is insistent I just don't worry about it and
> figure it's just reassuring me it is doing its job.

Yeah, get used to it.  I'm going to need a larger hard drive soon 
for my firewall log at work.

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------