nanog mailing list archives
Re: "portscans" (was Re: Arbor Networks DoS defense product)
From: Dan Hollis <goemon () anime net>
Date: Sun, 19 May 2002 00:12:01 -0700 (PDT)
On Sat, 18 May 2002, Scott Francis wrote:
On Sat, May 18, 2002 at 11:05:34PM -0400, woods () weird com said:attacked any host or network that I was not directly responsible for. If you don't want the public portions of your network mapped then you should withdraw them from public view.Agreed there. Defense is important. It might be good to note that I'm not giving a blanket condemnation of all portscans at all times; but as a GENERAL RULE, portscans from strangers, especially methodical ones that map out a network, are a precursor to some more unsavory activity.
And what the critics keep missing is that it will take several landmine hits across the internet to invoke a blackhole. Just scanning a few individual hosts or /24s won't do it. There are three aims of the landmine project: 1) early warning 2) defensive response 3) deterrence I realize such a project won't be absolutely, positively perfect in every aspect, and it won't satisfy 100% of the people 100% of the time. But that's hardly an excuse to not do it. IMO the positives outweigh the negatives by far. -Dan -- [-] Omae no subete no kichi wa ore no mono da. [-]
Current thread:
- Re: "portscans" (was Re: Arbor Networks DoS defense product), (continued)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 19)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Stephen J. Wilcox (May 19)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Dan Hollis (May 19)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Greg A. Woods (May 19)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Gifford (May 19)
- RE: "portscans" (was Re: Arbor Networks DoS defense product) James (May 19)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Greg A. Woods (May 18)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 18)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Greg A. Woods (May 18)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 19)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Dan Hollis (May 19)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 19)