[29738] in North American Network Operators' Group
Re: RBL-type BGP service for known rogue networks?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Jul 6 16:36:44 2000
Message-Id: <200007062018.e66KIiS27082@black-ice.cc.vt.edu>
To: "Richard A. Steenbergen" <ras@e-gerbil.net>
Cc: Dan Hollis <goemon@sasami.anime.net>,
Karyn Ulriksen <kulriksen@publichost.com>, nanog@merit.edu
In-Reply-To: Your message of "Thu, 06 Jul 2000 16:02:19 EDT."
<Pine.BSF.4.21.0007061601270.21550-100000@overlord.e-gerbil.net>
From: Valdis.Kletnieks@vt.edu
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_-1114989840P";
micalg=pgp-sha1; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Thu, 06 Jul 2000 16:18:44 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-1114989840P
Content-Type: text/plain; charset=us-ascii
On Thu, 06 Jul 2000 16:02:19 EDT, "Richard A. Steenbergen" said:
> binding a range of IPs on it, to look for at least the "obvious" scans. I
> suspect not as many people as you would think are qualified to setup and
> accurately use this kind of system (the number of stupid and paranoid
> people who will complain about innocent behavior is almost as high as the
> number of stupid and unconcerned people out there who will be
> compromised).
Oh, I'm quite aware of how shallow the talent pool out there is - hell, if I
got asked to review the SANS ddos roadmap white paper and top-ten list, there
can't be THAT much kloo out there. ;)
I get enough complaints from ZoneAlarm users who think that our NTP servers
are scanning their ports 13, 37, and 137... ;)
--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
--==_Exmh_-1114989840P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2
Comment: Exmh version 2.2 06/16/2000
iQA/AwUBOWTpo3At5Vm009ewEQJ55gCfUCI7rDyNBIgVv3HBNxEPiZpubmwAn3GE
kP8OSMEX3AtTm7S6S3hci0FA
=UqVC
-----END PGP SIGNATURE-----
--==_Exmh_-1114989840P--