[47968] in North American Network Operators' Group
Re: "portscans" (was Re: Arbor Networks DoS defense product)
daemon@ATHENA.MIT.EDU (Greg A. Woods)
Sun May 19 13:37:24 2002
From: woods@weird.com (Greg A. Woods)
To: nanog@merit.edu (North America Network Operators Group Mailing List)
In-Reply-To: <Pine.LNX.4.44.0205190301150.10592-100000@sasami.anime.net>
Reply-To: nanog@merit.edu (North America Network Operators Group Mailing List)
Message-Id: <20020519173649.67CD4AC@proven.weird.com>
Date: Sun, 19 May 2002 13:36:49 -0400 (EDT)
Errors-To: owner-nanog-outgoing@merit.edu
[ On Sunday, May 19, 2002 at 03:16:28 (-0700), Dan Hollis wrote: ]
> Subject: Re: "portscans" (was Re: Arbor Networks DoS defense product)
>
> On 18 May 2002, Scott Gifford wrote:
> > Before choosing an online bank, I portscanned the networks of the
> > banks I was considering. It was the only way I could find to get a
> > rough assessment of their network security, which was important to me
> > as a customer for obvious reasons.
>
> So for your offline banks, do you also go to the local branches at night
> and jiggle all the locks to make sure their doors and windows are locked?
That analogy is fundamentally flawed. For one, the Internet is never
locked after hours -- there is no "after hours", it's always open!
There are also no sign posts at every router on the Internet. The only
sign-posts are the responses you get from trying a given door -- either
it opens or it doesn't. Unless you actually try to go somewhere in
TCP/IP-land you won't know whether or not you can get there. A good
firewall makes it appear for all intents and purposes that there's no
door handle to wiggle in the first place.
--
Greg A. Woods
+1 416 218-0098; <gwoods@acm.org>; <g.a.woods@ieee.org>; <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>