nanog mailing list archives
Re: Dynamic IP log retention = 0?
From: Neil <kngspook () gmail com>
Date: Sat, 14 Mar 2009 19:05:46 -0700
On Sat, Mar 14, 2009 at 6:24 AM, Bill Bogstad <bogstad () pobox com> wrote:
On Sat, Mar 14, 2009 at 4:12 AM, Neil <kngspook () gmail com> wrote:On Wed, Mar 11, 2009 at 6:34 AM, Brett Charbeneau <brett () wrl org> wrote: ......... As William pointed out, it's the things that follow that determine whether someone's being bad. To flag port-scans might be responsible, but I think pursuing legal action over it would be the exact opposite. Wait until someone demonstrates true maliciousness before trying to punish them,ratherthan bringing the heat merely because they've demonstrated the potentialformaliciousness.In the physical world, this is the equivalent of 'casing the joint'. In most parts of the world, you can now get stopped/interrogated for simply taking pictures of the wrong buildings. (Even ones that in the past might have been considered tourist attractions.) Whether you think this is a good/bad thing, you shouldn't be surprised that people are similarly concerned about such behavior in the virtual world.
Getting stopped/interrogated for simply taking pictures of tourist-y, or other, buildings is over-reacting as well, in my opinion. (For nearly all of them, there are already existing pictures of them; and once the Bad Guys get wind that people are being stopped for taking pictures, they'll either use already existing pictures, or go up and take them, get stopped, and blend in with all the other innocent people taking pictures... Pointless, unless someone's sitting on some magical Bad-Guy-Identifier that only works in interrogations.) And there's another name for 'casing the joint', it is 'looking around'. Looking around generally isn't a crime. Neither is casing a joint, for that matter. And like I suggested with port scanning, whether someone was 'looking around' or 'casing the joint' is really only determinable after they've robbed the joint or not. Before that point, you're almost stabbing in the dark.
This is almost akin to attacking someone because they're carrying a gun: sure, the gun gives them the potential to do bad things, but it oftenenoughis innocent. (Political agendas aside...)No, this is more like some unknown guy in a high-rise a mile a way pointing his laser sniper scope at people walking in the park. They don't KNOW that he has a rifle attached to that scope. Even if he does, they don't KNOW that he plans to use it. Most people will never notice that little red dot in the middle of their chest. If they do notice and report it, however, I can guarantee that a significant investigation will take place.
That's a bit questionable as well; the intention with a port scan is hardly so well defined as you suggest. And what if that little red dot is simply a laser pointer? I think I'd assume laser pointer before laser-aiming sniper, following the "Don't attribute to malice what could be attributed to stupidity instead" maxim or Occam's Razor...
Current thread:
- Re: Dynamic IP log retention = 0?, (continued)
- Re: Dynamic IP log retention = 0? Martin Hannigan (Mar 12)
- Re: Dynamic IP log retention = 0? Joe Greco (Mar 13)
- Re: Dynamic IP log retention = 0? Bobby Mac (Mar 13)
- Re: Dynamic IP log retention = 0? Valdis . Kletnieks (Mar 13)
- Re: Dynamic IP log retention = 0? Bill Stewart (Mar 13)
- Re: Dynamic IP log retention = 0? Charles (Mar 13)
- Re: Dynamic IP log retention = 0? Rob Evans (Mar 12)
- Re: Dynamic IP log retention = 0? JC Dill (Mar 12)
- Re: Dynamic IP log retention = 0? Bill Bogstad (Mar 14)
- Re: Dynamic IP log retention = 0? Neil (Mar 14)
- Re: Dynamic IP log retention = 0? Joe Greco (Mar 14)
- Re: Dynamic IP log retention = 0? Jim Popovitch (Mar 14)
- Re: Dynamic IP log retention = 0? Charles Wyble (Mar 14)
- Re: Dynamic IP log retention = 0? Marshall Eubanks (Mar 15)
- Re: Dynamic IP log retention = 0? William Allen Simpson (Mar 15)
- Re: Dynamic IP log retention = 0? Martin Hannigan (Mar 15)
- Re: Dynamic IP log retention = 0? JC Dill (Mar 14)