Joe, I'll respond to you and this will be my last reply to this thread because I know I won't be able to change your mind. Saying a company's business decisions are antisocial just because they aren't doing what you want is very unhelpful. I don't know how many large ISPs you have worked for but I'm not sure if you understand corporate budgets or politics. If you consider people who port scan the bad guys of the internet then obviously you and I are on two different planes of reality.
I had a discussion today with someone who I immensely respect where I talked about port scanning and how people compare it to trying to break into someone's house. He disagreed and said that port scanning was like being a part of the neighborhood watch and that trying to exploit any vulnerabilities you find would be an attempted break-in. I have to agree.
As for your second point of comparing port scanning to the heinous crime of rape I'll just ask, "have you lost your damn mind?" Seriously, port scanning a machine compared to the horrid act of abusing someone sexually? Seriously, what will be your next analogy, pedophiles are the same as file sharers?
Port scanning can be a method to find vulnerabilities indeed but what of those of us who port scan before we use certain services? I often scan certain hosts before I use them to make sure they don't have gaping vulnerabilities, should I go to jail? The OP said nothing about an attack but only a scan, so don't go there.
Your idea of operations seems simple because you have the black and white barrier, there is no gray for you. Some of us actually have a larger userbase and very small budgets. Now I'll say that the company I work for goes after network abusers vigorously. To say that port scanners are miscreants and abusers is your view. I think everyone wants to stop botnets and exploits from spreading but Joe, people don't have to answer to you just because you feel that you are privileged because you have a role in the internet.
Scanning and attacks are two different things and I hope you realize this. If a host on my network is attacking a host on yours I'm sure we will work to stop it quickly. If you demand that I turn over the person who scanned you last night at 12:52 am I may ignore you. I wish you the best of luck against your crusade against the evil of port scanning.
--
Ross
ross [at] dillio.net
Whether Covad chooses to enforce their AUP against port scanning is a business decision up to them.
Yes, it's all a business decision. That kind of antisocial thinking is the sort of thing that has allowed all manner of bad guys to remain attached to the Internet.
Again, why worry about things out of your control, especially when we are talking about port scanning.
Yes, why not talk about rapists and drug dealers instead. They're much worse. It's just that this forum ... isn't for that.
I would think people have more pressing issues, guess not.
While I am all for increasing overall security on the Internet, the reality is that there will often be devices that are attached that are found to be vulnerable in new and intriguing ways. Port scanning is a primary method for finding these vulnerabilities. To the extent that an ISP might proactively port scan its own userbase, that's a good use and probably a good idea (has tradeoffs), but bad guys finding holes in random devices so that they can launch multiGbps attacks against random destinations is a bad thing.
If your idea of "operations" is to make your router work and collect your paycheck for another day, then this discussion probably does not make any sense to you and you probably don't understand the importance of the issue.
If your idea of "operations" is to ensure the reliable operation and uphold the performance standards of an IP network, then it should not be beyond comprehension that allowing miscreants access to the network is one of many things that can adversely affect operations. If you accept that the presence of miscreants on the network is a negative, it shouldn't be hard to see that complaining about consistent and persistent port scans from what is probably an identifiable host is one way to make an impact.
... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam (CNN)
With 24 million small businesses in the US alone, that's way too many apples.