Security Incidents mailing list archives
Re: China Experience ?
From: "Jay D. Dyson" <jdyson () treachery net>
Date: Tue, 23 Jul 2002 16:32:01 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 23 Jul 2002, euan wrote:
Is it really worth blocking an entire country because of a few trivial-to-defend-against scans? Do you panic after receiving scans for things like tcp 53 and 21? Perhaps you should consider changing your IDS policies if you waste so much time investigating non-issues.
It's not just the net.abuse, it's the *volume* of net.abuse and the sheer and utter lack of any caring by the admins over there. Look, I don't blackhole networks on a whim. After thousands upon thousands of scans (both human- and worm-sired), tons of repeated spam carpet-bombings on my mail servers, and other forms of net.abuse -- all of which was duly reported and summarily ignored by the cognizant parties -- I saw no alternative but to blackhole not only China, but Korea and Taiwan as well.
How many of these scans/"hacking" attempts actually led to a successful comprimise?
On my systems? None. On your typical joe and jane user's system, more than I care to imagine. Does a lack of success on the part of the attacker excuse the attack in your mind? If someone tries to break into my house, I still have a legitimate gripe against their conduct.
Frankly this thread, complete with 11/09 references now, smacks of xenophobia, and that is indeed a sad thing to see appearing on the internet.
Bah. If I saw the same sort of nonsense on an equally epidemic level with equally pervasive lack of concern by the cognizant parties coming out of Canada or U.S. universities, they'd get blackholed as well. So don't even bother trying to play that race card, sport. That bulldada won't fly. Period. - -Jay ( ( _______ )) )) .--"There's always time for a good cup of coffee"--. >====<--. C|~~|C|~~| (>------ Jay D. Dyson -- jdyson () treachery net ------<) | = |-' `--' `--' `-- I'll be diplomatic...when I run out of ammo. --' `------' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (TreacherOS) Comment: See http://www.treachery.net/~jdyson/ for current keys. iD8DBQE9Ped0GI2IHblM+8ERAv4nAJ45gRqgWF62w0mRDx1LHT7dk/SCCwCcDIHK H8s55cNpyWabVOcLF5hvKrs= =e7Mk -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RE: China Experience ? Curley Mr Eric P (Jul 22)
- Re: China Experience ? incidents.nospam13 (Jul 22)
- Re: China Experience ? Paul Gear (Jul 22)
- <Possible follow-ups>
- RE: China Experience ? Curley Mr Eric P (Jul 22)
- Re: China Experience ? SecurityPortal (Jul 23)
- Re: Re: China Experience ? kevin.chen (Jul 23)
- Re: Re: China Experience ? Alif The Terrible (Jul 23)
- Re: Re: China Experience ? Chris Brenton (Jul 23)
- Re: China Experience ? euan (Jul 23)
- Re: China Experience ? Jay D. Dyson (Jul 24)
- Message not available
- Re: China Experience ? euan (Jul 24)
- Re: China Experience ? Chris Brenton (Jul 24)
- Re: Re: China Experience ? Alif The Terrible (Jul 23)
- Re: China Experience ? Ken Blinco (Jul 23)
- Re: Re: China Experience ? Nick FitzGerald (Jul 24)
- Re: China Experience ? incidents.nospam13 (Jul 22)
- Re: Re: China Experience ? Russell Fulton (Jul 23)
- Re: Re: China Experience ? Alif The Terrible (Jul 24)
- RE: Re: China Experience ? Christopher Barker (Jul 24)