I seem to be getting portscans of my network from
166.49.72.158; which, when I nmap, shows up as
'live-split.wtn.rbn.com'. this seems to be one of Real Networks'
servers. 

what's the proper netiquette for alerting some host that they might
have been compromised?

Carl Soderstrom
_________________________________________
Systems Administrator    307 Brighton Ave. 
Minnesota DHIA	         Buffalo, MN	
carls at agritech.com       (763) 682-1091

---------------------------------------------------------------------
To unsubscribe, e-mail: tclug-list-unsubscribe at mn-linux.org
For additional commands, e-mail: tclug-list-help at mn-linux.org