[47936] in North American Network Operators' Group
Re: "portscans" (was Re: Arbor Networks DoS defense product)
daemon@ATHENA.MIT.EDU (Scott Gifford)
Sat May 18 21:44:09 2002
X-Delivered-To: nanog@merit.edu
To: Scott Francis <darkuncle@darkuncle.net>
Cc: nanog@merit.edu
From: Scott Gifford <sgifford@suspectclass.com>
Date: 18 May 2002 21:43:16 -0400
In-Reply-To: Scott Francis's message of "Sat, 18 May 2002 16:03:11 -0700"
Message-ID: <lyg00onc97.fsf@gfn.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Errors-To: owner-nanog-outgoing@merit.edu
Scott Francis <darkuncle@darkuncle.net> writes:
[...]
> And why, pray tell, would some unknown and unaffiliated person be scanning my
> network to gather information or run recon if they were not planning on
> attacking? I'm not saying that you're not right, I'm just saying that so far
> I have heard no valid non-attack reasons for portscans (other than those run
> by network admins against their own networks).
Before choosing an onling bank, I portscanned the networks of the
banks I was considering. It was the only way I could find to get a
rough assessment of their network security, which was important to me
as a customer for obvious reasons.
I'm not sure if I would have been impressed or annoyed if they had
stopped accepting packets from my machine during the scan. :-)
-----ScottG.
