"portscans" (was Re: Arbor Networks DoS defense product)

• Previous message (by thread): "portscans" (was Re: Arbor Networks DoS defense product)
• Next message (by thread): "portscans" (was Re: Arbor Networks DoS defense product)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ On Sunday, May 19, 2002 at 11:22:08 (-0400), Ralph Doncaster wrote: ]
> Subject: Re: Re[4]: "portscans" (was Re: Arbor Networks DoS defense product)
>
> I think that's pretty stupid.  If I had my network admin investigate every
> portscan, my staff costs would go up 10x and I'd quickly go bankrupt.

Indeed -- and we can only hope.  I know a few companies who actually do
that, and sometimes their policies about how they do it are so broken
they refuse to acknowledge the difference between the likes of a squid
cache server just doing its job and a compromised Windoze box scanning
for web servers.  :-)

-- 
								Greg A. Woods

+1 416 218-0098;  <gwoods at acm.org>;  <g.a.woods at ieee.org>;  <woods at robohack.ca>
Planix, Inc. <woods at planix.com>; VE3TCP; Secrets of the Weird <woods at weird.com>

• Previous message (by thread): "portscans" (was Re: Arbor Networks DoS defense product)
• Next message (by thread): "portscans" (was Re: Arbor Networks DoS defense product)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]