Stealth Blocking
alex at yuriev.com
Fri May 25 04:03:26 UTC 2001
> > What's so bad about pre-emptive open-relay scanning is that if you feel
> > that is justified, you pretty much have accepted that anybody who pleases
> > may scan anybody else's network for any weakness he or she would like to
> > probe for.
>
> Whether you like / agree with it or not, this is happening and you can't
> stop it. Even back in the very early 90's you pretty much couldn't put a
> system on an internet connected network without people probing it,
> attempting to log into it, etc.
>
> There's a big difference between open-relay testing and port scanning /
> vulnerability probing. Saying that the former will lead to more of the
> latter is silly with current levels of the latter we already have. I've
> seen new systems hacked within 24h of being put on the net on a previously
> unused IP. Any argument that open-relay scanning will lead to more
> vulnerability scanning is just silly.
No, this is a totally valid argument. The reason is that the process of scanning
for vulnerabilities is not in any shape or form different from scanning for
open-relays. Please explain to me who you are to determine what is a "right"
and what is a "wrong" reason?
Thanks,
Alex