On Fri, 12 Oct 2007, Tim Franklin wrote:
On Fri, October 12, 2007 2:49 pm, Justin M. Streiner wrote:
"HOST x.x.x.x ON YOUR NETWORK PINGED ME!!!! I TAKE MY SECURITY SERIOUSLY!! I'M CALLING THE FBI!!!"
That I can *sort* of understand - it's the flaming zealotry of "ALL ICMP IS EEEVIL!" trickling down from 99% of firewall admins working in enterprises to end users who just heard it from "someone in IT".
It's the "Your server www.whatever.com is attacking me from port 80!" ones that leave me torn between laughing, crying, and seriously thinking about a cull...
Its all very well for those that know better to carry on like this, but I would suggest that those sortsa complaints only come from people who don't know better. They don't know how to interpret their Firewall warnings. And they don't know whats genuine and whats not. Heck, I remember being a little like that myself, back in the days of Windows + Conseal PC Firewall being the best security solution affordably available to home users - and from being DoS'd offline at 14400... (And i've only been working in the industry for 10 years.) Suggest that rather than knocking those who genuinely think that its a warzone out there (and isn't it?) efforts of ISPs to educate clients as to what is genuine abuse (and what isn't) should be rewarded. (If some random dynamic IP host on the other side of the world started hitting my firewall for no apparent reason, i'd be raising my eyebrows too. Of course, these days, I have a much better idea of what is genuinely threatening and what isn't.) Mark. [Sorry, but sometimes I get the distinct impression that Network Operators sometimes forget that the vast majority of people simply aren't anywhere near their level.]