[56793] in North American Network Operators' Group
Re: [Fwd: FC: Email a RoadRunner address, get scanned by their
daemon@ATHENA.MIT.EDU (Jack Bates)
Sun Mar 16 18:35:14 2003
From: "Jack Bates" <jbates@brightok.net>
To: <jlewis@lewis.org>, <nanog@merit.edu>
Date: Sun, 16 Mar 2003 17:35:25 -0600
Errors-To: owner-nanog-outgoing@merit.edu
jlewis@lewis.org wrote:
> ---------- Forwarded message ----------
> Date: Sun, 16 Mar 2003 12:56:30 -0500
> From: "W. Mark Herrick, Jr." <markh@va.rr.com>
> To: jlewis@lewis.org
> Subject: Re: Your NANOG post
>
>
> That being said, we have, and will continue to have, a severe issue
> with so-called 'scanning services', that *proactively* scan IP
> addresses (e.g., DSBL), or services that accept requests from
> anywhere to perform 'on-demand' scans (e.g., hatcheck.org) without
> first requiring (and keeping on hand) proof (e.g., spam-in-hand) that
> the IP address is a source of spam, open to third party relay, or has
> an open proxy service.
>
In other words, it's okay for an ISP to scan systems so long as they receive
a connection from the system without spam on hand. However, it is not okay
for a 3rd party to do the same scan, despite the fact that using a 3rd party
limits the number of scans performed by aggregating the results. Considering
how much we complain about route aggregation, I'd think scan aggregation
would have a higher interest. FireDaemon is becoming pretty popular after
all.
--
-Jack
