Re: Dynamic IP log retention = 0?

From: Joe Greco (no email)
Date: Thu Mar 12 2009 - 20:13:02 EDT

  • Next message: Jon Orb: "Expert Witness needed for Terry Childs case"

    > Whether Covad chooses to enforce their AUP against port scanning is a
    > business decision up to them.

    Yes, it's all a business decision. That kind of antisocial thinking is
    the sort of thing that has allowed all manner of bad guys to remain
    attached to the Internet.

    > Again, why worry about things out of your
    > control, especially when we are talking about port scanning.

    Yes, why not talk about rapists and drug dealers instead. They're much
    worse. It's just that this forum ... isn't for that.

    > I would think people have more pressing issues, guess not.

    While I am all for increasing overall security on the Internet, the
    reality is that there will often be devices that are attached that
    are found to be vulnerable in new and intriguing ways. Port scanning
    is a primary method for finding these vulnerabilities. To the extent
    that an ISP might proactively port scan its own userbase, that's a good
    use and probably a good idea (has tradeoffs), but bad guys finding
    holes in random devices so that they can launch multiGbps attacks
    against random destinations is a bad thing.

    If your idea of "operations" is to make your router work and collect
    your paycheck for another day, then this discussion probably does not
    make any sense to you and you probably don't understand the importance
    of the issue.

    If your idea of "operations" is to ensure the reliable operation and
    uphold the performance standards of an IP network, then it should not
    be beyond comprehension that allowing miscreants access to the network
    is one of many things that can adversely affect operations. If you
    accept that the presence of miscreants on the network is a negative,
    it shouldn't be hard to see that complaining about consistent and
    persistent port scans from what is probably an identifiable host is
    one way to make an impact.

    ... JG

    -- 
    Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
    "We call it the 'one bite at the apple' rule. Give me one chance [and] then I
    won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
    With 24 million small businesses in the US alone, that's way too many apples.
    

  • Next message: Jon Orb: "Expert Witness needed for Terry Childs case"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD