Security Incidents mailing list archives
Re: blackholing t-dialin.net? sympatico.ca?
From: "Robert G. Ferrell" <root () rgfsparc cr usgs gov>
Date: Thu, 8 Mar 2001 10:19:39 -0600
still, this situation continues. is it worth starting to block their dialin netblocks?
I understand the temptation to take this sort of action, but if you blacklist an entire range of addresses, what you have effectively accomplished is to elevate the script kiddie from a mere port scanner to the instigator of large scale denial of service attack (depending, of course, on how far upstream you institute the blacklist). This is a difficult issue, admittedly, but my personal belief is that putting up with people rattling the doors in your neighborhood is on the whole preferable to cordoning off the entire block. Cheers, RGF Robert G. Ferrell, CISSP Information Systems Security Officer National Business Center U. S. Dept. of the Interior Robert_G_Ferrell () nbc gov ======================================== Who goeth without humor goeth unarmed. ========================================
Current thread:
- blackholing t-dialin.net? sympatico.ca? Jose Nazario (Mar 07)
- Re: blackholing t-dialin.net? sympatico.ca? Daniel R. Warner (Mar 07)
- AW: blackholing t-dialin.net? sympatico.ca? Jens Thiel (Mar 07)
- Re: blackholing t-dialin.net? sympatico.ca? Steffen Dettmer (Mar 09)
- <Possible follow-ups>
- Re: blackholing t-dialin.net? sympatico.ca? Bill Royds (Mar 07)
- Re: blackholing t-dialin.net? sympatico.ca? Robert G. Ferrell (Mar 08)
- Re: blackholing t-dialin.net? sympatico.ca? Jose Nazario (Mar 08)