North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

rr style scanning of non-customers

  • From: Kuhtz, Christian
  • Date: Fri Jun 13 22:16:11 2003

 

Hey gang,

 

Some ISPs, such as RR, appear to be implementing what I personally would consider quite aggressive approaches to guarding their network by implementing "proactive" scanning of non-customers, similar to what's described at

 

    http://security.rr.com/probing.htm

 

In this case, sending email to @rr.com appears to trigger this scanning business (mind you, this is not about the scanning their subs biz; I don't care to get into that in this thread). 

 

But, the question is.. How many people here are doing this sort of thing?  And where does this stop, short of nmapping the entire box?

 

Some time ago, when Code Red first came around, discussions raged as to how to deal with it and other infestations of customer owned/operated equipment.  And this kind of is a different slant on the same issue.  Except that it goes quite a bit further than your own prefixes.

 

I'm not looking to start a flamewar, I'm interested in a discussion or consensus discovery of how far "proactive" tasks can/should/shouldn't go.

 

Regards,

Christian

 



*****

"The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers."