nanog mailing list archives

Re: Arbor Networks DoS defense product

From: Dan Hollis <goemon () anime net>
Date: Fri, 17 May 2002 00:50:40 -0700 (PDT)


On Thu, 16 May 2002, Dragos Ruiu wrote:

But that said.  Blackholing as a response for portscanning
is stupid.
If you are a small communications end-point it's dumb.
Just run portsentry for a while with auto-firewall rules
if you need convincing.
If you are a communications service provider providing
packet transit for others (even employees), it's hostile.


What if you are portscanned repeatedly by a network and that network 
refuses to shut down their scanners even after being asked many times
(eg, rogue chinese and korean networks)

I think that you should leave network policy up to the service provider to 
decide.

-Dan
-- 
[-] Omae no subete no kichi wa ore no mono da. [-]

Current thread:

Re: Arbor Networks DoS defense product, (continued)
- - - Re: Arbor Networks DoS defense product Scott Francis (May 16)
    - Message not available
    - Message not available
    - Message not available
    - Re: Arbor Networks DoS defense product Clayton Fiske (May 15)
    - Re: Arbor Networks DoS defense product PJ (May 15)
    - Re: Arbor Networks DoS defense product Clayton Fiske (May 15)
    - Re: Arbor Networks DoS defense product E.B. Dreger (May 15)
- Re: Arbor Networks DoS defense product Dan Hollis (May 16)
  - Re: Arbor Networks DoS defense product Valdis . Kletnieks (May 17)
    - Re: Arbor Networks DoS defense product Dan Hollis (May 17)
    - Re: Arbor Networks DoS defense product Johannes Ullrich (May 17)
  - Re: Arbor Networks DoS defense product Scott Francis (May 17)
- Re: Arbor Networks DoS defense product Dan Hollis (May 17)
  - Re: Arbor Networks DoS defense product Scott Francis (May 17)
- Re: Arbor Networks DoS defense product Dan Hollis (May 17)
  - Re: Arbor Networks DoS defense product Scott Francis (May 17)
    - Message not available
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Henry Yen (May 18)
    - Message not available
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 18)
    - Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) Allan Liska (May 18)
    - Re: Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) E.B. Dreger (May 18)
    - Re: Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 19)

(Thread continues...)