North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Arbor Networks DoS defense product

  • From: Scott Francis
  • Date: Thu May 16 12:31:38 2002

On Wed, May 15, 2002 at 06:19:00PM -0700, briareos@otherlands.net said:
[snip]
> On Wed, 15 May 2002, Johannes B. Ullrich wrote:
[briareos@otherlands.net]
> > > > Even more, I would hate to see the advocation of a hostile reaction to 
> > > > what, so far, is not considered a crime.
> > 
> > I agree. Scanning is no crime. But blocking isn't a crime either.
> 
> Agreed.  But this blocking still will do no good.  My previous
> questions still stand.  What about timing?  What about breaking up
> segements of the network to be  scanned by different hosts?  How many
> hits on the linemines constitute blocking?  Are you blocking hosts or
> networks?  Either way, what about dynamic ips?  What about scans done
> from different networks other than that which the supposed attacker is
> originating from.  Universitys, unsecured wireless lans, etc.

So because we can't implement a perfect solution, let's do nothing at all
about the problem?

> PJ

-- 
Scott Francis                   darkuncle@ [home:] d a r k u n c l e . n e t
Systems/Network Manager          sfrancis@ [work:]         t o n o s . c o m
GPG public key 0xCB33CCA7              illum oportet crescere me autem minui

Attachment: pgp00024.pgp
Description: PGP signature