nanog mailing list archives
Re: anti-spam vs network abuse
From: jlewis () lewis org
Date: Sat, 1 Mar 2003 14:07:18 -0500 (EST)
On 1 Mar 2003, Michael Lamoureux wrote:
andy> If so, why outlaw the act of probing? Why not outlaw "probing andy> for the purposes of..."? What's the offset into the probe packets to the "intent of the this probe" field? And would you trust it if there were one anyway?
People speed, drive drunk, and run over pedestrians. Should we outlaw cars? Maybe just in California? :)
What's a legit probe? One where the owner gave you permission in advance to run the scan? I can't think of another definition of that phrase.
When you walk into the secure part of an airport or some schools in rough neighborhoods, you're scanned for metallic objects. When you exchange traffic with certain networks, they may also want to check you out to see what risk may be associated with accepting your data in the future. If your system is an open relay/proxy, then there's elevated risk that at some point (if not already), the data coming from your system will be SPAM. Some networks will choose not to accept your data or to tag it in order to prevent their customers from having to accept unwanted data.
This is a completely naive statement. There are 0 networks that I'm willing to believe have 0 vulnerabilities on them. There may be 0 that you know about, but that doesn't mean there aren't more vulnerabilities which aren't public knowledge lurking in sendmail or bind or ssh or ssl or apache or any number of other services you have running.
So if nobody probes your network, it's more secure? ---------------------------------------------------------------------- Jon Lewis *jlewis () lewis org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Current thread:
- Re: anti-spam vs network abuse jlewis (Feb 28)
- <Possible follow-ups>
- Re: anti-spam vs network abuse jlewis (Feb 28)
- Re: anti-spam vs network abuse up (Mar 01)
- Re: anti-spam vs network abuse Paul Vixie (Mar 01)
- Re: anti-spam vs network abuse Hank Nussbacher (Mar 01)
- Re: anti-spam vs network abuse Michael Lamoureux (Mar 01)
- Re: anti-spam vs network abuse jlewis (Mar 01)
- Re: anti-spam vs network abuse Charlie Clemmer (Mar 01)
- Message not available
- Re: anti-spam vs network abuse Charlie Clemmer (Mar 01)
- Re: anti-spam vs network abuse Andy Dills (Mar 01)
- Re: anti-spam vs network abuse Michael Lamoureux (Mar 01)
- Re: anti-spam vs network abuse Richard Irving (Mar 03)