PDA

View Full Version : Security.Scanner.ntli.net

toytown
01-04-2004, 14:10
Hi

Just had lots of hits to my own email server from the address 62.253.160.70 (please.see.www.security.scanner.ntli.net) the host appeared to be checking my mail server for all kinda of different ways to send an email, but was stopped at every attempt to relay.

Is this just an attempt from NTL to make sure my emailserver is secure and setup correctly? I went to the address mentioned (www.security.scanner.ntli.net (http://www.security.scanner.ntli.net)) but all i got was the status of the ntlworld email servers

thanx for your answers
Toytown
Chris W
01-04-2004, 14:29
from what i have heard, ntl were planning this week to do tests for an open proxys on the network... this could explain what you have experienced. I can't remember where i read this, but i know it was a reliable source!

hth
Richard M
01-04-2004, 14:46
Sounds like a damn good idea to me. :tu:
toytown
01-04-2004, 15:29
Agreed its a very good idea, but the address (www.security.scanner.ntli.net (http://www.security.scanner.ntli.net)) could better explain the reason for it.

Also what would happen to customers with open relays? Cable Modem Access removed temporarily? port 25 blocked?..........or most likely nothing at all.
Ramrod
01-04-2004, 15:51
(www.security.scanner.ntli.net (http://www.security.scanner.ntli.net)This is hillarious considering the date :D
btw....my ntl e-mail is down atm :rolleyes:
Chris W
01-04-2004, 16:36
Agreed its a very good idea, but the address (www.security.scanner.ntli.net (http://www.security.scanner.ntli.net)) could better explain the reason for it.

Also what would happen to customers with open relays? Cable Modem Access removed temporarily? port 25 blocked?..........or most likely nothing at all.

The would first get an email/ letter advising them that they are in breach of the AUP... if they didn't do anything about it, they would be warned again (strike 2) and on the third strike, their BB would be suspended until they signed an agreement promising to keep to the AUP and had resolved the problem. If they didn't do this within 28 days the BB would be permanently disconnected.

Seems fair to me! :D
Fox
01-04-2004, 17:19
Agreed its a very good idea, but the address (www.security.scanner.ntli.net (http://www.security.scanner.ntli.net/)) could better explain the reason for it.
I agree, but the page DOES say the reason for it:

Network maintenance
We are currently undertaking network maintenance.

You may notice a scan from one of our network probes. This scan is wholly non invasive and your internet service will not be affected in any way.
toytown
01-04-2004, 17:23
I agree, but the page DOES say the reason for it:
Ah my page only brings up details of the mail server problem and for the items mentioned, it dosent say anything about probes from NTL.
ian@huth
01-04-2004, 17:39
Ah my page only brings up details of the mail server problem and for the items mentioned, it dosent say anything about probes from NTL.

If you change the date range to March you will see the probe post.