[112674] in North American Network Operators' Group
Re: Dynamic IP log retention = 0?
daemon@ATHENA.MIT.EDU (Joe Greco)
Thu Mar 12 20:53:13 2009
From: Joe Greco <jgreco@ns.sol.net>
To: Mark_Andrews@isc.org (Mark Andrews)
Date: Thu, 12 Mar 2009 18:52:45 -0600 (CST)
In-Reply-To: <200903130033.n2D0XMBf042996@drugs.dv.isc.org> from "Mark
Andrews" at Mar 13, 2009 11:33:22 AM
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
> Well most port scanning is from compromised boxes. Once a
> box is compromised it can be used for *any* sort of attack.
> If you really care about security you take reports of ports
> scans seriously.
Yeahbut, the real problem is that port scanning is typically used as
part of a process to infect _other_ boxes. If you allow this sort of
illness to spread, the patient (that is, the Internet) doesn't get
better.
... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
