Security Incidents mailing list archives
Re: Anti-Death Penalty & @Home
From: fruitbat () NETSPACE ORG (Eric the Fruitbat)
Date: Tue, 1 Feb 2000 12:47:08 -0500
Here's my question: what if you set up a firewall rule to send a RST to any port 80 (or 119) connection attempts made by their scanning machine(s)? This would simulate a closed port. Are there any methods available to combat this kind of trickiness?
This would work fine if the party in question (@Home) weren't the owner of the basic routing hardware. As it is, if they really want to know what kind of services you operate they can just scan the headers of all the packets going in and out of your site directly, as can any other ISP. Any firewall rules you might put up are totally irrelevant. To my knowledge, @Home has never gone after subscribers for running small- time web services. They're mostly just trying to make sure nobody is running a mini-ISP on their network. In my opinion, portscans are a lot less intrusive than other ways they might go about it. e -- "There is no education that is not political. An apolitical education is also political because it is purposely isolating." -- "There is no education that is not political. An apolitical education is also political because it is purposely isolating."
Current thread:
- Re: Anti-Death Penalty & @Home Eric the Fruitbat (Feb 01)