Scanning the Internet for Vulnerabilities
Robert L Mathews
lists at tigertech.com
Mon Jun 20 22:16:01 UTC 2022
On 6/20/22 12:24 PM, Matthew Craig wrote:

> The intent behind vulnerability scans is good, however the majority of
> DOS attacks that my networks encounter these days are from cybersecurity
> organizations conducting cybersecurity research.

Yeah. The unwritten rule of this is "if you're going to do it, do it
gently enough that the person receiving it doesn't notice".

If the load average on my server goes up by 20 because you've opened 20
simultaneous HTTP connections and you're sending nonstop requests on all
of them for thousands of random filenames that don't exist (but which
each cause a PHP script to run), I'm not going to appreciate it.

Same if you send tens of thousands of TCP SYNs a second so you can
quickly scan all possible ports of hundreds of IP addresses.

If I don't even notice it, though, I'm unlikely to be bothered to object
to it.
--
Robert L Mathews