Dynamic IP log retention = 0?
cmadams at hiwaay.net
Sat Mar 14 15:35:19 CDT 2009
Once upon a time, Neil <kngspook at gmail.com> said:
> I think you are being a little naive. Port scans, while possibly used for
> malicious ends, can very often be benign.
That sounds naive to me. From what I've seen, the number of malicious
scans is much greater than the number of benign scans. The vast
majority of end users have no idea what a port scan is or how to run one
(or how to make sense of the output if they saw one run).
In any case, this isn't really about the port scan. This is about Covad
claiming they cannot identify who had an IP 48 hours ago. What if it
wasn't a port scan; what if it was a DoS attack, spamming bot, etc.?
Do you think Covad would respond to a DMCA complaint like that?
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the NANOG