nanog mailing list archives
Re: Arbor Networks DoS defense product
From: Scott Francis <darkuncle () darkuncle net>
Date: Fri, 17 May 2002 07:12:06 -0700
On Fri, May 17, 2002 at 12:50:40AM -0700, goemon () anime net said:
On Thu, 16 May 2002, Dragos Ruiu wrote:But that said. Blackholing as a response for portscanning is stupid. If you are a small communications end-point it's dumb. Just run portsentry for a while with auto-firewall rules if you need convincing. If you are a communications service provider providing packet transit for others (even employees), it's hostile.
So it's stupid. Or hostile. Certainly no more stupid (or hostile) than sending out millions of spams, or being the source of thousands of portscans/intrusion attempts, and refusing to take responsibility. Bottom line: network policy is the responsibility of the network operator. If he/she does something that causes bad repercussions (financially), he/she will probably be job hunting. Otherwise, if it's not your network, you really don't have much of a say about how it's run, do you? (If it were otherwise, large sections of APNIC would have been cleaned up long ago by those on the receiving end of portscans and spam.) -- Scott Francis darkuncle@ [home:] d a r k u n c l e . n e t Systems/Network Manager sfrancis@ [work:] t o n o s . c o m GPG public key 0xCB33CCA7 illum oportet crescere me autem minui
Attachment:
_bin
Description:
Current thread:
- Re: Arbor Networks DoS defense product, (continued)
- Message not available
- Message not available
- Message not available
- Re: Arbor Networks DoS defense product Clayton Fiske (May 15)
- Re: Arbor Networks DoS defense product PJ (May 15)
- Re: Arbor Networks DoS defense product Clayton Fiske (May 15)
- Re: Arbor Networks DoS defense product E.B. Dreger (May 15)
- Re: Arbor Networks DoS defense product Valdis . Kletnieks (May 17)
- Re: Arbor Networks DoS defense product Dan Hollis (May 17)
- Re: Arbor Networks DoS defense product Johannes Ullrich (May 17)
- Re: Arbor Networks DoS defense product Scott Francis (May 17)
- Re: Arbor Networks DoS defense product Scott Francis (May 17)
- Message not available
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 18)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Henry Yen (May 18)
- Message not available
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Scott Francis (May 18)
- Re: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 18)
- Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) Allan Liska (May 18)
- Re: Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) E.B. Dreger (May 18)
- Re: Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) Ralph Doncaster (May 19)
- Re: Re[2]: "portscans" (was Re: Arbor Networks DoS defense product) up (May 19)