Re: Researchers ping through first full 'Internet census' in 25 years

[Mark Foster <blakjak () blakjak net>]

On Fri, 12 Oct 2007, Tim Franklin wrote:

> On Fri, October 12, 2007 2:49 pm, Justin M. Streiner wrote:
>
> > "HOST x.x.x.x ON YOUR NETWORK PINGED ME!!!!  I TAKE MY SECURITY
> > SERIOUSLY!!  I'M CALLING THE FBI!!!"
>
> That I can *sort* of understand - it's the flaming zealotry of "ALL ICMP
> IS EEEVIL!" trickling down from 99% of firewall admins working in
> enterprises to end users who just heard it from "someone in IT".
>
> It's the "Your server www.whatever.com is attacking me from port 80!" ones
> that leave me torn between laughing, crying, and seriously thinking about
> a cull...

Its all very well for those that know better to carry on like this, but I 
would suggest that those sortsa complaints only come from people who 
don't know better.  They don't know how to interpret their Firewall 
warnings.  And they don't know whats genuine and whats not.

Heck, I remember being a little like that myself, back in the days of 
Windows + Conseal PC Firewall being the best security solution affordably 
available to home users - and from being DoS'd offline at 14400...

(And i've only been working in the industry for 10 years.)

Suggest that rather than knocking those who genuinely think that its a 
warzone out there (and isn't it?) efforts of ISPs to educate clients as to 
what is genuine abuse (and what isn't) should be rewarded.

(If some random dynamic IP host on the other side of the world started 
hitting my firewall for no apparent reason, i'd be raising my eyebrows 
too.  Of course, these days, I have a much better idea of what is 
genuinely threatening and what isn't.)

Mark.

[Sorry, but sometimes I get the distinct impression that Network 
Operators sometimes forget that the vast majority of people simply aren't 
anywhere near their level.]