[47965] in North American Network Operators' Group
Re[6]: "portscans" (was Re: Arbor Networks DoS defense product)
daemon@ATHENA.MIT.EDU (Allan Liska)
Sun May 19 11:59:48 2002
Date: Sun, 19 May 2002 11:59:15 -0400
From: Allan Liska <allan@allan.org>
Reply-To: Allan Liska <allan@allan.org>
Message-ID: <6590637554.20020519115915@allan.org>
To: "nanog@merit.edu" <nanog@merit.edu>
In-Reply-To: <Pine.LNX.4.21.0205191119380.27298-100000@cpu1693.adsl.bellglobal.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Hello Ralph,
Sunday, May 19, 2002, 11:22:08 AM, you wrote:
>> If they don't give a satisfactory bank somewhere else (or offer your
>> services ;)). Certainly that is a better approach than scanning to
>> see what you can find out. The organization receiving the scan has
>> no way of knowing what your intentions are -- and should interpret
>> them as hostile.
RD> I think that's pretty stupid. If I had my network admin investigate every
RD> portscan, my staff costs would go up 10x and I'd quickly go bankrupt.
RD> Instead we keep our servers very secure, and spend the time and effort
RD> only when there is evidence of a break in.
I didn't say investigate every portscan, I said assume every portscan
is hostile. There is a big difference.
allan
--
allan
allan@allan.org
http://www.allan.org
