[31508] in North American Network Operators' Group
Re: netscan.org update
daemon@ATHENA.MIT.EDU (John Payne)
Tue Sep 26 14:55:39 2000
Date: Tue, 26 Sep 2000 11:53:43 -0700
From: John Payne <john@sackheads.org>
To: nanog@merit.edu
Message-ID: <20000926115343.S32511@haybaler.sackheads.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.LNX.4.21.0009260107280.32741-100000@Overkill.EnterZone.Net>; from nanog@EnterZone.Net on Tue, Sep 26, 2000 at 01:13:35AM -0400
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, Sep 26, 2000 at 01:13:35AM -0400, John Fraizer wrote:
> The problem is that while some operators may not have been aware of their
> problem, if they are not aware of the problem at-large, they are, IMHO,
> not worthy of announcing to the global internet at large and as such,
> we should not be listening to their announcements.
So you wouldn't mind if people started scanning your network for other
problems, say... rootable boxes? Without being able to break into remote
boxes, kiddies wouldn't be able to launch smurf attacks of sizes to worry
about.
I'm not saying that having a list is a bad idea. But it should be a list
of amps that have been found using logs from attacks, not by going out
and scanning for them
--
John Payne http://www.sackheads.org/jpayne/ john@sackheads.org
http://www.sackheads.org/uce/ Fax: +44 870 0547954
To send me mail, use the address in the From: header
