[47826] in North American Network Operators' Group
(fwd) Re: Arbor Networks DoS defense product
daemon@ATHENA.MIT.EDU (PJ)
Wed May 15 20:59:49 2002
Date: Wed, 15 May 2002 17:57:27 -0700
From: PJ <briareos@otherlands.net>
To: nanog@merit.edu
Message-ID: <20020516005727.GA2217@elvander.otherlands.net>
Reply-To: PJ <briareos@otherlands.net>
Mail-Followup-To: PJ <briareos@otherlands.net>, nanog@merit.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Errors-To: owner-nanog-outgoing@merit.edu
Forgot to include nanog
----- Forwarded message from PJ <briareos@otherlands.net> -----
> Date: Wed, 15 May 2002 17:50:01 -0700
> From: PJ <briareos@otherlands.net>
> Subject: Re: Arbor Networks DoS defense product
> To: Clayton Fiske <clay@bloomcounty.org>
> Message-ID: <20020516005001.GB2107@elvander.otherlands.net>
> Reply-To: PJ <briareos@otherlands.net>
> User-Agent: Mutt/1.3.25i
>
> On Wed, 15 May 2002, Clayton Fiske wrote:
>
> >
> > On Wed, May 15, 2002 at 05:22:39PM -0700, PJ wrote:
> > > Are you now operating under the premise that scans != anything but the
> > > prelude to an attack? Sorry if I missed it earlier in the thread, but
> > > I would hate to think any legitimate scanning of a network or host
> > > would result in a false positive. Even more, I would hate to see the
> > > advocation of a hostile reaction to what, so far, is not considered a
> > > crime.
> >
> > So you can think of a perfectly legitimate reason to scan someone else's
> > netblocks on specific TCP ports?
> >
> > -c
> >
> >
>
> Has no one ever tested firewall rules from external networks? The
> fact remains is that a scan != an attack.
>
> PJ
>
> --
> The worst thing one can do is not to try, to be aware of what one
> wants and not give in to it, to spend years in silent hurt wondering
> if something could have materialized -- and never knowing.
> -- David Viscott
