Arbor Networks DoS defense product
Scott Francis
darkuncle at darkuncle.net
Thu May 16 16:26:06 UTC 2002
On Wed, May 15, 2002 at 06:19:00PM -0700, briareos at otherlands.net said:
[snip]
> On Wed, 15 May 2002, Johannes B. Ullrich wrote:
[briareos at otherlands.net]
> > > > Even more, I would hate to see the advocation of a hostile reaction to
> > > > what, so far, is not considered a crime.
> >
> > I agree. Scanning is no crime. But blocking isn't a crime either.
>
> Agreed. But this blocking still will do no good. My previous
> questions still stand. What about timing? What about breaking up
> segements of the network to be scanned by different hosts? How many
> hits on the linemines constitute blocking? Are you blocking hosts or
> networks? Either way, what about dynamic ips? What about scans done
> from different networks other than that which the supposed attacker is
> originating from. Universitys, unsecured wireless lans, etc.
So because we can't implement a perfect solution, let's do nothing at all
about the problem?
> PJ
--
Scott Francis darkuncle@ [home:] d a r k u n c l e . n e t
Systems/Network Manager sfrancis@ [work:] t o n o s . c o m
GPG public key 0xCB33CCA7 illum oportet crescere me autem minui
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 872 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20020516/78255e40/attachment.sig>
More information about the NANOG
mailing list