[47969] in North American Network Operators' Group
Re: "portscans" (was Re: Arbor Networks DoS defense product)
daemon@ATHENA.MIT.EDU (Greg A. Woods)
Sun May 19 13:43:03 2002
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
From: woods@weird.com (Greg A. Woods)
To: nanog@merit.edu (North America Network Operators Group Mailing List)
In-Reply-To: <Pine.LNX.4.21.0205191119380.27298-100000@cpu1693.adsl.bellglobal.com>
Reply-To: nanog@merit.edu (North America Network Operators Group Mailing List)
Message-Id: <20020519174231.91B88AC@proven.weird.com>
Date: Sun, 19 May 2002 13:42:31 -0400 (EDT)
Errors-To: owner-nanog-outgoing@merit.edu
[ On Sunday, May 19, 2002 at 11:22:08 (-0400), Ralph Doncaster wrote: ]
> Subject: Re: Re[4]: "portscans" (was Re: Arbor Networks DoS defense product)
>
> I think that's pretty stupid. If I had my network admin investigate every
> portscan, my staff costs would go up 10x and I'd quickly go bankrupt.
Indeed -- and we can only hope. I know a few companies who actually do
that, and sometimes their policies about how they do it are so broken
they refuse to acknowledge the difference between the likes of a squid
cache server just doing its job and a compromised Windoze box scanning
for web servers. :-)
--
Greg A. Woods
+1 416 218-0098; <gwoods@acm.org>; <g.a.woods@ieee.org>; <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>
