[66707] in North American Network Operators' Group
Re: sniffer/promisc detector
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Wed Jan 21 11:40:55 2004
To: Ruben van der Leij <ruben-nanog@nutz.nl>
Cc: nanog@merit.edu
In-Reply-To: Your message of "Wed, 21 Jan 2004 15:58:14 +0100."
<20040121145814.GA17880@blacklisted.nl>
From: Valdis.Kletnieks@vt.edu
Date: Wed, 21 Jan 2004 11:40:15 -0500
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-463218979P
Content-Type: text/plain; charset=us-ascii
On Wed, 21 Jan 2004 15:58:14 +0100, Ruben van der Leij <ruben-nanog@nutz.nl> said:
> Somebody who isn't smart enough to do 'nmap -p 0-65535 $target' isn't worth
> diverting.
I'm sure everybody who got whacked by Lion or CodeRed or Blaster or.... are
glad to hear those attacks weren't worth diverting.
The point is that if somebody is doing 'nmap -p 0-65535' at you, you are a *specific*
target, and not one of the "get a probe every 4 minutes" targets that every machine
on the wire is.
--==_Exmh_-463218979P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFADqtvcC3lWbTT17ARArKmAKDqXlrgqKlhtiHK0xTXOA3fkDhb6wCfXZhs
qYhh4x11MHuc06ljitrugHc=
=9M/c
-----END PGP SIGNATURE-----
--==_Exmh_-463218979P--
