Arbor Networks DoS defense product

Clayton Fiske clay at bloomcounty.org
Thu May 16 01:13:07 UTC 2002


On Wed, May 15, 2002 at 06:04:40PM -0700, PJ wrote:
> Sorry for not including nanog in the reply.  What about MAPS?  They
> routinely scan netblocks without consent.  Does this tool
> differentiate between local and non-local scanning?  Scanning is

The tool in question may not even exist yet. There is no preset
definition of how it has to work. Perhaps it can be evolved enough
to where it only triggers when an exploit is attempted, rather
than just on a TCP connection.

> still not a crime and it will still do nothing to deter anyone with
> hostile intentions.  This is just a bandaid to avoid taking proper
> security precautions.

I can take all the proper security precautions and it doesn't stop
third party network A from being exploited and later used to attack
me. The point of this is that it will help identify a specific host
which is scanning many blocks belonging to many different networks.
If they hit several landmines in my network, I might be concerned.
If they hit landmines in my network and 6 others to which I have no
affiliation, the net as a whole might want to know about it.

I don't think anyone said this was intended to take the place of
security on their own networks. But I don't see how that aspect
makes this a bad tool on its own either way.

-c
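
The correlation described in the message above, sketched as an added example; it is not part of the original post and not the code of any existing tool. The record format, network names, addresses and both thresholds are assumptions (the post says only "several" landmines and "6 others").

```python
from collections import defaultdict
from ipaddress import ip_address

# Constructed sample reports: (reporting_network, landmine_ip, source_ip).
# Addresses come from documentation ranges; network names are hypothetical.
SAMPLE_HITS = (
    # One source seen by my network and by six unaffiliated networks.
    [("my-net", "192.0.2.10", "198.51.100.7")]
    + [("net-%s" % c, "192.0.2.%d" % (200 + i), "198.51.100.7")
       for i, c in enumerate("abcdef")]
    # One source that trips three different landmines in my network only.
    + [("my-net", "192.0.2.%d" % n, "198.51.100.20") for n in (10, 11, 12)]
    # One source that hits the same single landmine three times.
    + [("my-net", "192.0.2.10", "203.0.113.5")] * 3
)

def classify_sources(hits, my_network="my-net", several=3, other_nets=6):
    """Group landmine hits by source and grade each source.

    'net-wide'        : hit my network and >= other_nets other networks
    'local'           : hit >= several distinct landmines in my network
    'below-threshold' : anything else (e.g. one stray connection)
    Thresholds are assumed values, not taken from any product.
    """
    local = defaultdict(set)   # source -> distinct landmines hit in my network
    remote = defaultdict(set)  # source -> other networks that reported it
    for network, landmine, source in hits:
        src = str(ip_address(source))  # normalise; raises on malformed input
        if network == my_network:
            local[src].add(str(ip_address(landmine)))
        else:
            remote[src].add(network)

    verdicts = {}
    for src in set(local) | set(remote):
        if local[src] and len(remote[src]) >= other_nets:
            verdicts[src] = "net-wide"
        elif len(local[src]) >= several:
            verdicts[src] = "local"
        else:
            # Repeated hits on one landmine count once, so they stay here.
            verdicts[src] = "below-threshold"
    return verdicts

if __name__ == "__main__":
    for src, verdict in sorted(classify_sources(SAMPLE_HITS).items()):
        print(src, verdict)
```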



