Stealth Blocking

alex at alex at
Fri May 25 04:03:26 UTC 2001

> > 	What's so bad about pre-emptive open-relay scanning is that if you feel
> > that is justified, you pretty much have accepted that anybody who pleases
> > may scan anybody else's network for any weakness he or she would like to
> > probe for.
> Whether you like / agree with it or not, this is happening and you can't
> stop it.  Even back in the very early 90's you pretty much couldn't put a
> system on an internet connected network without people probing it,
> attempting to log into it, etc.
> There's a big difference between open-relay testing and port scanning /
> vulnerability probing.  Saying that the former will lead to more of the
> latter is silly with current levels of the latter we already have.  I've
> seen new systems hacked within 24h of being put on the net on a previously
> unused IP.  Any argument that open-relay scanning will lead to more
> vulnerability scanning is just silly.

No, this is a totally valid argument. The reason is that process of scanning
for vulnerabilities is not in any shape or form different from scanning for
open-relays. Please explain to me who are you to determine what is a "right"
and what is a "wrong" reason?


More information about the NANOG mailing list