[ On Sunday, May 19, 2002 at 11:22:08 (-0400), Ralph Doncaster wrote: ]
Subject: Re: Re[4]: "portscans" (was Re: Arbor Networks DoS defense product)
I think that's pretty stupid. If I had my network admin investigate every portscan, my staff costs would go up 10x and I'd quickly go bankrupt.
Indeed -- and we can only hope. I know a few companies who actually do that, and sometimes their policies about how they do it are so broken they refuse to acknowledge the difference between the likes of a squid cache server just doing its job and a compromised Windoze box scanning for web servers. :-) -- Greg A. Woods +1 416 218-0098; <gwoods@acm.org>; <g.a.woods@ieee.org>; <woods@robohack.ca> Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>