"portscans" (was Re: Arbor Networks DoS defense product)

Greg A. Woods woods at weird.com
Sun May 19 17:36:49 UTC 2002


[ On Sunday, May 19, 2002 at 03:16:28 (-0700), Dan Hollis wrote: ]
> Subject: Re: "portscans" (was Re: Arbor Networks DoS defense product)
>
> On 18 May 2002, Scott Gifford wrote:
> > Before choosing an online bank, I portscanned the networks of the
> > banks I was considering.  It was the only way I could find to get a
> > rough assessment of their network security, which was important to me
> > as a customer for obvious reasons.
> 
> So for your offline banks, do you also go to the local branches at night 
> and jiggle all the locks to make sure their doors and windows are locked?

That analogy is fundamentally flawed.  For one, the Internet is never
locked after hours -- there is no "after hours", it's always open!

There are also no sign posts at every router on the Internet.  The only
sign-posts are the responses you get from trying a given door -- either
it opens or it doesn't.  Unless you actually try to go somewhere in
TCP/IP-land you won't know whether or not you can get there.  A good
firewall makes it appear for all intents and purposes that there's no
door handle to wiggle in the first place.

-- 
								Greg A. Woods

+1 416 218-0098;  <gwoods at acm.org>;  <g.a.woods at ieee.org>;  <woods at robohack.ca>
Planix, Inc. <woods at planix.com>; VE3TCP; Secrets of the Weird <woods at weird.com>



More information about the NANOG mailing list