[64794] in North American Network Operators' Group
Re: Portscans/PROXY scans
daemon@ATHENA.MIT.EDU (Andrew D Kirch)
Sun Nov 2 21:56:02 2003
Date: Sun, 2 Nov 2003 21:57:13 -0500
From: Andrew D Kirch <trelane@trelane.net>
To: Paul Vixie <vixie@vix.com>
Cc: nanog@merit.edu
In-Reply-To: <g3ism34aip.fsf@sa.vix.com>
X-SA-Exim-Mail-From: trelane@trelane.net
Errors-To: owner-nanog-outgoing@merit.edu
There are however legitimate reasons for a portscan, responding to incoming abuse and attack being one of them, automatically searching for openrealys used to send you spam is another. Curtailing scanning shouldn't be a priority here, nailing packet kids, spammers etc should be. Sadly both of these groups don't seem to be going to jail in droves.
On 02 Nov 2003 05:14:38 +0000
Paul Vixie <vixie@vix.com> wrote:
>
> suresh@outblaze.com (Suresh Ramasubramanian) writes:
>
> > Portscans on the internet are a fact of life - unpleasant, yes, but you
> > can safely ignore them, and instead, concentrate on keeping your systems
> > secured.
>
> that is certainly what the malware authors and users hope that we'll all do,
> so listen up. just because many of the infected hosts won't be disinfected,
> don't assume that there's no value in tracking and reporting them, or that
> there's no reason to spend money listening to and acting on complains about
> them. the internet's immune system needs *more* resources, not fewer.
> --
> Paul Vixie
--
Andrew D Kirch | trelane@2mbit.com |
Security Admin | Summit Open Source Development Group | www.sosdg.org
