nanog mailing list archives

Re: "portscans" (was Re: Arbor Networks DoS defense product)

From: woods () weird com (Greg A. Woods)
Date: Sun, 19 May 2002 13:42:31 -0400 (EDT)


[ On Sunday, May 19, 2002 at 11:22:08 (-0400), Ralph Doncaster wrote: ]

Subject: Re: Re[4]: "portscans" (was Re: Arbor Networks DoS defense product)

I think that's pretty stupid.  If I had my network admin investigate every
portscan, my staff costs would go up 10x and I'd quickly go bankrupt.


Indeed -- and we can only hope.  I know a few companies who actually do
that, and sometimes their policies about how they do it are so broken
they refuse to acknowledge the difference between the likes of a squid
cache server just doing its job and a compromised Windoze box scanning
for web servers.  :-)

-- 
                                                                Greg A. Woods

+1 416 218-0098;  <gwoods () acm org>;  <g.a.woods () ieee org>;  <woods () robohack ca>
Planix, Inc. <woods () planix com>; VE3TCP; Secrets of the Weird <woods () weird com>

Current thread:

Re: "portscans" (was Re: Arbor Networks DoS defense product), (continued)
- - - Re: "portscans" (was Re: Arbor Networks DoS defense product) Dan Hollis (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Mitch Halmu (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Dan Hollis (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Mitch Halmu (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Mike Lewinski (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Stephen Griffin (May 20)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Nathan J. Mehl (May 21)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Greg A. Woods (May 20)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Greg A. Woods (May 19)
    - Message not available
    - Re: Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) JC Dill (May 19)
    - Re: Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Gifford (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 18)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Alex Rubenstein (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) william (May 19)
    - Re: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 19)

(Thread continues...)