Scanning the Internet for Vulnerabilities Re: 202207232217.AYC
John Curran
jcurran at istaff.org
Sun Jul 24 11:27:37 UTC 2022
Abe -
Static versus dynamic address assignment isn’t the problem - dynamically assigned IP address space can
still be tracked back to a given system (reference: RFC6302/BCP162 & RFC6269 for discussion of the
requirements and various related issues.)
Tracking back to a particular server doesn’t really matter if all that happens is that the service is terminated
(as the culprit will simply appear elsewhere in the Internet with a new connection/server and start over.)
Alas, the situation doesn’t change unless/until there’s a willingness to engage law enforcement and pursue
the attackers to prevent recurrence. This is non-trivial, both because of the skills necessary, the volume of
attacks, the various jurisdictions involved, etc. – but the greatest obstacle is simply the attitude of “Why bother,
that’s just the way it is…”
With zero effective back pressure, we shouldn’t be surprised as frequency of attempts grows without bound.
Thanks,
/John
Disclaimers: my views alone – no one else would claim them. Feel free to use/reuse/discard as you see fit.
> On 23 Jul 2022, at 10:28 PM, Abraham Y. Chen <aychen at avinta.com> wrote:
>
> Hi, John:
>
> 1) "... i.e. we’re instead going to engage in the worlds longest running game of “whack-a-mole” by just blocking their last known website/mail server/botnet and the wishing for the best… ":
>
> Perhaps it is time for us to consider the "Back to the Future" strategy, i.e., the Internet should practice static IP address like all traditional communication system did?
>
> Regards,
>
> Abe (2022-07-23 22:27 EDT)
>
>
> On 2022-06-22 10:35, John Curran wrote:
>> Barry -
>>
>> There is indeed a metaphor to your “rattling doorknobs", but it’s
>> not pretty when it comes to the Internet…
>>
>> If you call the police because someone is creeping around your
>> property checking doors and windows for
>> possible entry, then they will indeed come out and attempt to
>> arrest the perpetrator (I am most certainly
>> not a lawyer, but as I understand it even the act of opening an
>> unlocked window or door is sufficient in many
>> jurisdictions to satisfy the “breaking the seal of the property”
>> premise and warrant charging under breaking
>> and entering statues.)
>>
>> Now welcome to the Internet… paint all your windows black, remove
>> all lighting save for one small bulb
>> over your front entry. Sit back and enjoy the continuous sounds
>> of rattling doorknobs and scratching at
>> the windows.
>>
>> If/when you find a digital culprit creeping around inside the
>> home, your best option is burn down the place
>> and start anew with the copies you keep offsite in storage
>> elsewhere. Similarly if you find a “trap” (e.g.,
>> a phishing email) placed on your patio or amongst your mail…
>> discard such cautiously and hope your
>> kids use equal care.
>>
>> “Best practice” for handling these situations on the Internet is
>> effectively to cope as best you can despite
>> being inundated with attempts – i.e. most Internet security
>> professionals and law enforcement will tell you
>> that the idea of actually trying to identify and stop any of the
>> culprits involved is considered rather quaint
>> at best – i.e. we’re instead going to engage in the worlds longest
>> running game of “whack-a-mole” by just
>> blocking their last known website/mail server/botnet and the
>> wishing for the best…
>>
>>
>> Enjoy your Internet!
>> /John
>>
>> Disclaimers: My views alone - use, reuse, or discard as desired.
>> This message made of 100% recycled electrons.
>>
>>> On 22 Jun 2022, at 12:04 AM, bzs at theworld.com wrote:
>>>
>>>
>>> When I lock the doors etc to my home I'll often mutter "ya know, if
>>> someone is rattling my door knob I already have a big problem."
>>>
>>> I suppose when I'm home it might give me a warning if I hear it.
>>>
>>> There must be a metaphor in there somewhere.
>>>
>>> I do recall as a teen noticing that one of the closed store's on the
>>> main drag's door was unlocked late one night walking home (this was in
>>> NYC.)
>>>
>>> I saw a cop and told him and he scolded me angrily for rattling door
>>> knobs, I could be arrested for that! But verified it, looked around
>>> inside with his flashlight, and called it in.
>>>
>>> I forget how I noticed but I wasn't in the habit of rattling stores'
>>> door knobs, I think the door was just a bit ajar.
>>>
>>> There must be a metaphor in there somewhere.
>>>
>>> On June 21, 2022 at 10:01 mpalmer at hezmatt.org (Matt Palmer) wrote:
>>>> On Mon, Jun 20, 2022 at 02:18:30AM +0000, Mel Beckman wrote:
>>>>> When researchers, or whoever, claim their scanning an altruistic service,
>>>>> I ask them if they would mind someone coming to their home and trying to
>>>>> open all the doors and windows every night.
>>>>
>>>> If there were a few hundred people with nefarious intent trying to open your
>>>> doors and windows every night, someone doing the same thing with altruistic
>>>> intent might not be such a bad thing.
>>>>
>>>> - Matt
>>>
>>> --
>>> -Barry Shein
>>>
>>> Software Tool & Die | bzs at TheWorld.com <mailto:bzs at TheWorld.com> | http://www.TheWorld.com <http://www.theworld.com/> <http://www.TheWorld.com <http://www.theworld.com/>>
>>> Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD
>>> The World: Since 1989 | A Public Information Utility | *oo*
>>
>
>
> --
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus <https://www.avast.com/antivirus>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20220724/9a069774/attachment.html>
More information about the NANOG
mailing list