Stealth Blocking

Roeland Meyer rmeyer at
Thu May 24 00:15:02 UTC 2001

> From: David Schwartz [mailto:davids at]
> Sent: Wednesday, May 23, 2001 4:54 PM
> > In the PURE war, one ONLY shoots confirmed bad-guys and has ZERO
> > collateral damage.
> 	So if someone has a machine gun and is firing randomly, 
> you don't act to stop him until he happens to hit someone? 

Lottsa mitigating circumstances here;
.Are they shooting spam?
.Are they trying to hit anyone?

One spammer is no justification for nuking their entire city. Targeted
response, sir ... targeted response. That's what MAPS is, a laser beam, not
a hand granade.

> That's madness. [I] don't advocate
> random scanning, as it is unethical to probe random people for
> vulnerability. However, once you know there is in fact an 
> open relay, you are entirely justified in blocking it.

Agreed, but its open-relay status is irrelevent. The fact that one has
proof-positive of spam, from that site, is.

> And if you have legitimate reason to
> suspect a site is an open relay, you are entirely justified 
> in probing it to see whether or not it is.

No you are not, by your own ethical standards. Suspicion is not proof. Only
a piece of spam, in hand, from that specific site, is sufficient grounds.

> 	If your neighbor is aiming a gun at you, you are 
> justified in checking to see if it's loaded. 

No you are not, you assume that it is and fire first <grin>. But, you are
not justified in taking out his whole block, including the other neighbors.
You are not allowed ANY collateral damage. Anything less is sloppy anyway.
What's the matter, ain't you that good? Can't you aim?

More information about the NANOG mailing list