Re: netscan.org update

[John Fraizer <nanog () EnterZone Net>]

On Fri, 13 Oct 2000, Mark Milhollan - Franklin Employee wrote:

> John Fraizer writes:
> > If someone doesn't want
> > people sending ICMP echo-request to their network, they need to block it
> > at the borders.  If they do that, even if they have amp nets inside, they
> > won't be available for abuse from the outside.
>
> Only from ICMP echo-request based DDoS', others will still be available. 
> They'd have to block all traffic to their broadcast addresses, which is
> pretty much what ``no directed broadcast'' does anyway.

Um, did I say anything about other types of DDoS?  The thread, which is
nearly three weeks old BTW, was about netscan.org and scanning for SMURF
amp nets.

> > In any case, I find scanning for SMURF amps and scanning for
> > vulnerabilities to be quite different.
>
> Can't say I agree, since in fact they are both "vulnerabilities".

I would have hoped that you would have read the entire thread prior to
composing your reply.  Had you done so, perhaps your opinion might be
different.  In any case, the thread has been quiet for weeks now.

> This is already too damn close to the usual thread about the other
> active scan for my comfort.
>
>
> /mark

So why stir it more?



---
John Fraizer
EnterZone, Inc