[SOT Rant] Non-hostile probes / opt-in/out

• Previous message (by thread): [SOT Rant] Non-hostile probes / opt-in/out
• Next message (by thread): FORGED EMAIL POSTED TO NANOG
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In the referenced message, Quibell, Marc said:
> 
> LOL!
> 
> I believe that the question should be: Why are you pinging me? Tell me what
> admin who sees thousands of ping from one host does not investigation the
> nature? Do mean to say that if you were to log thousands of pings, you would
> ignore them? 

Why are you requesting the Digital Island content?

Don't want them pinging you? Stop requesting content from
them. I'm actually serious here. If you don't think their methods
are "good", then boycotting them and their customers is a decent
enough way to voice your vote. My guess is that Digital Island
will continue to exist, and you will be safely partitioned away
from the network.

I don't believe any of the Network Operators who are a part of
NANOG would care about 1000 ping packets. The existence of the packets,
or even the number is not as important as their frequency, duration,
size, and number of simultaneous sources/destinations. The original
case of 400-some odd packets across 2 hours isn't much of anything.
Generally, the sniff test is whether it is actually causing a problem
or not.

If it _is_ a problem, contact them, and ask them to stop. If they
can't or won't, then filter them.

The point I think several people have tried to point out is that maybe
your logging of thousands of pings is more of a problem than the
thousands of pings themselves.

> Also many ping attacks start with harmless ping probes.

Yeah, and many attacks start without a ping, and many pings do not
precede an attack.

> Marc 

Stephen

• Previous message (by thread): [SOT Rant] Non-hostile probes / opt-in/out
• Next message (by thread): FORGED EMAIL POSTED TO NANOG
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]