nanog mailing list archives

Re: sniffer/promisc detector

From: Valdis.Kletnieks () vt edu
Date: Wed, 21 Jan 2004 11:40:15 -0500

On Wed, 21 Jan 2004 15:58:14 +0100, Ruben van der Leij <ruben-nanog () nutz nl>  said:

Somebody who isn't smart enough to do 'nmap -p 0-65535 $target' isn't worth
diverting.


I'm sure everybody who got whacked by Lion or CodeRed or Blaster or.... are
glad to hear those attacks weren't worth diverting.

The point is that if somebody is doing 'nmap -p 0-65535' at you, you are a *specific*
target, and not one of the "get a probe every 4 minutes" targets that every machine
on the wire is.

Attachment: _bin
Description:

Current thread:

Re: sniffer/promisc detector, (continued)
- - - Re: sniffer/promisc detector Dave Israel (Jan 20)
    - Re: sniffer/promisc detector Niels Bakker (Jan 20)
    - Re: sniffer/promisc detector Alexei Roudnev (Jan 21)
    - Re: sniffer/promisc detector Steven M. Bellovin (Jan 20)
    - Re: sniffer/promisc detector haesu (Jan 20)
- Re: sniffer/promisc detector Damian Gerow (Jan 16)
- RE: sniffer/promisc detector Michel Py (Jan 20)
  - RE: sniffer/promisc detector Henry Linneweh (Jan 20)
- Re: sniffer/promisc detector Michael . Dillon (Jan 21)
  - Re: sniffer/promisc detector Ruben van der Leij (Jan 21)
    - Re: sniffer/promisc detector Valdis . Kletnieks (Jan 21)
    - Re: sniffer/promisc detector Ruben van der Leij (Jan 21)
    - Re: sniffer/promisc detector Alexei Roudnev (Jan 21)
    - Re: sniffer/promisc detector Crist Clark (Jan 21)
    - Re: sniffer/promisc detector Alexei Roudnev (Jan 21)
    - Re: sniffer/promisc detector Fyodor (Jan 22)
    - Re: sniffer/promisc detector Alexei Roudnev (Jan 22)
    - Re: sniffer/promisc detector Alexei Roudnev (Jan 22)
    - Re: sniffer/promisc detector Ruben van der Leij (Jan 22)
    - Re: sniffer/promisc detector Jason Slagle (Jan 22)
    - Re: sniffer/promisc detector Ruben van der Leij (Jan 22)

(Thread continues...)