Nmap Announce mailing list archives
Re: can/should
From: Bennett Todd <bet () rahul net>
Date: Wed, 24 May 2000 12:07:08 -0400
2000-05-23-09:35:37 Barry Hudson:
As a new firewall admin I have a question for the white hats.
You can't tell the color of someone's hat over the internet:-).
I log port scans and do a whois to locate the ISP that owns the ip address. My questions is what else can/should be done. I have no other reason to believe they got through or committed any crime. What else are you guys doing? I hope this is not to far off topic.
Probably not too far off-topic, but unfortunately probably not too productive either. If you search archives of either of the firewalls lists, or (I expect) any of several newsgroups, you should be able to turn up reams and acres of discussion (with loads of flames) on this topic. I'm afraid I don't have any specific search threads for you, though. I _think_ I can summarize the two sides that debate tends to settle on. These sides tend to polarize really widely, diverge into attempts to construct analogies, and then the flames burn. Please, if we can avoid taking down this nice list I'd really appreciate it. One side regards port scanning as within the bounds of reasonable and proper exploration over the internet. The other side views it as an attack in its own right. My own view on this matter is that I retire from that debate altogether, declining to hold a position. I harden firewalls and all other hosts exposed to the internet to the point where they can't be burgled, and then I ignore scans, since they won't do any good against me. -Bennett
Attachment:
_bin
Description:
Current thread:
- can/should Barry Hudson (May 23)
- Re: can/should Mr. Man (May 24)
- Re: can/should Security (May 24)
- Re: can/should Thomas Reinke (May 24)
- Re: can/should Ola Nyström (May 25)
- Re: can/should Jose Nazario (May 24)
- Re: can/should Eric Hancock (May 24)
- Re: can/should Bennett Todd (May 24)
- <Possible follow-ups>
- RE: can/should Gallicchio, Florindo (2282) (May 24)
- RE: can/should Dion Stempfley (May 24)
- RE: can/should Sean Ellis (May 24)
- RE: can/should Crye, Michael (May 24)
- RE: can/should Jonathan Day (May 25)
- Re: can/should John Mee (May 25)