Forgot to include nanog ----- Forwarded message from PJ <briareos@otherlands.net> -----
Date: Wed, 15 May 2002 17:50:01 -0700 From: PJ <briareos@otherlands.net> Subject: Re: Arbor Networks DoS defense product To: Clayton Fiske <clay@bloomcounty.org> Message-ID: <20020516005001.GB2107@elvander.otherlands.net> Reply-To: PJ <briareos@otherlands.net> User-Agent: Mutt/1.3.25i
On Wed, 15 May 2002, Clayton Fiske wrote:
On Wed, May 15, 2002 at 05:22:39PM -0700, PJ wrote:
Are you now operating under the premise that scans != anything but the prelude to an attack? Sorry if I missed it earlier in the thread, but I would hate to think any legitimate scanning of a network or host would result in a false positive. Even more, I would hate to see the advocation of a hostile reaction to what, so far, is not considered a crime.
So you can think of a perfectly legitimate reason to scan someone else's netblocks on specific TCP ports?
-c
Has no one ever tested firewall rules from external networks? The fact remains is that a scan != an attack.
PJ
-- The worst thing one can do is not to try, to be aware of what one wants and not give in to it, to spend years in silent hurt wondering if something could have materialized -- and never knowing. -- David Viscott