North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: "portscans" (was Re: Arbor Networks DoS defense product)
On Sat, 18 May 2002, Scott Francis wrote: > On Sat, May 18, 2002 at 11:05:34PM -0400, [email protected] said: > > attacked any host or network that I was not directly responsible for. > > If you don't want the public portions of your network mapped then you > > should withdraw them from public view. > Agreed there. Defense is important. It might be good to note that I'm not > giving a blanket condemnation of all portscans at all times; but as a GENERAL > RULE, portscans from strangers, especially methodical ones that map out a > network, are a precursor to some more unsavory activity. And what the critics keep missing is that it will take several landmine hits across the internet to invoke a blackhole. Just scanning a few individual hosts or /24s won't do it. There are three aims of the landmine project: 1) early warning 2) defensive response 3) deterrence I realize such a project won't be absolutely, positively perfect in every aspect, and it won't satisfy 100% of the people 100% of the time. But that's hardly an excuse to not do it. IMO the positives outweigh the negatives by far. -Dan -- [-] Omae no subete no kichi wa ore no mono da. [-]
|