Stealth Blocking

jlewis at jlewis at
Fri May 25 00:54:27 UTC 2001

On Thu, 24 May 2001, David Schwartz wrote:

> 	What's so bad about pre-emptive open-relay scanning is that if you feel
> that is justified, you pretty much have accepted that anybody who pleases
> may scan anybody else's network for any weakness he or she would like to
> probe for.

Whether you like / agree with it or not, this is happening and you can't
stop it.  Even back in the very early 90's you pretty much couldn't put a
system on an internet connected network without people probing it,
attempting to log into it, etc.

There's a big difference between open-relay testing and port scanning /
vulnerability probing.  Saying that the former will lead to more of the
latter is silly with current levels of the latter we already have.  I've
seen new systems hacked within 24h of being put on the net on a previously
unused IP.  Any argument that open-relay scanning will lead to more
vulnerability scanning is just silly.

 Jon Lewis *jlewis at*|  I route
 System Administrator        |  therefore you are
 Atlantic Net                |
_________ for PGP public key_________

More information about the NANOG mailing list