Dynamic IP log retention = 0?
jgreco at ns.sol.net
Thu Mar 12 19:52:45 CDT 2009
> Well most port scanning is from compromised boxes. Once a
> box is compromised it can be used for *any* sort of attack.
> If you really care about security you take reports of ports
> scans seriously.
Yeahbut, the real problem is that port scanning is typically used as
part of a process to infect _other_ boxes. If you allow this sort of
illness to spread, the patient (that is, the Internet) doesn't get
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
More information about the NANOG