|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: "portscans" (was Re: Arbor Networks DoS defense product)
[ On Sunday, May 19, 2002 at 03:16:28 (-0700), Dan Hollis wrote: ] > Subject: Re: "portscans" (was Re: Arbor Networks DoS defense product) > > On 18 May 2002, Scott Gifford wrote: > > Before choosing an onling bank, I portscanned the networks of the > > banks I was considering. It was the only way I could find to get a > > rough assessment of their network security, which was important to me > > as a customer for obvious reasons. > > So for your offline banks, do you also go to the local branches at night > and jiggle all the locks to make sure their doors and windows are locked? That analogy is fundamentaly flawed. For one the Interent is never locked after hours -- there is no "after hours", it's always open! There are also no sign posts at every router on the Internet. The only sign-posts are the responses you get from trying a given door -- either it opens or it doesn't. Unless you actually try to go somewhere in TCP/IP-land you won't know whether or not you can get there. A good firewall makes it appear for all intents and purposes that there's no door handle to wiggle in the first place. -- Greg A. Woods +1 416 218-0098; <[email protected]>; <[email protected]>; <[email protected]> Planix, Inc. <[email protected]>; VE3TCP; Secrets of the Weird <[email protected]>
|