[31736] in North American Network Operators' Group
Re: netscan.org update
daemon@ATHENA.MIT.EDU (Mark Milhollan - Franklin Employee)
Fri Oct 13 23:22:47 2000
To: nanog@merit.edu
In-reply-to: <Pine.LNX.4.21.0009261756040.19329-100000@Overkill.EnterZone.Net>
Date: Fri, 13 Oct 2000 20:20:24 -0700
Message-ID: <2622.971493624@ftel.net>
From: Mark Milhollan - Franklin Employee <mlm@ftel.net>
Errors-To: owner-nanog-outgoing@merit.edu
John Fraizer writes:
>If someone doesn't want
>people sending ICMP echo-request to their network, they need to block it
>at the borders. If they do that, even if they have amp nets inside, they
>won't be available for abuse from the outside.
Only from ICMP echo-request based DDoS', others will still be available.
They'd have to block all traffic to their broadcast addresses, which is
pretty much what ``no directed broadcast'' does anyway.
>In any case, I find scanning for SMURF amps and scanning for
>vulnerabilities to be quite different.
Can't say I agree, since in fact they are both "vulnerabilities".
This is already too damn close to the usual thread about the other
active scan for my comfort.
/mark
