North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: "portscans" (was Re: Arbor Networks DoS defense product)

  • From: Greg A. Woods
  • Date: Sun May 19 13:44:50 2002

[ On Sunday, May 19, 2002 at 11:22:08 (-0400), Ralph Doncaster wrote: ]
> Subject: Re: Re[4]: "portscans" (was Re: Arbor Networks DoS defense product)
>
> I think that's pretty stupid.  If I had my network admin investigate every
> portscan, my staff costs would go up 10x and I'd quickly go bankrupt.

Indeed -- and we can only hope.  I know a few companies who actually do
that, and sometimes their policies about how they do it are so broken
they refuse to acknowledge the difference between the likes of a squid
cache server just doing its job and a compromised Windoze box scanning
for web servers.  :-)

-- 
								Greg A. Woods

+1 416 218-0098;  <gwoods@acm.org>;  <g.a.woods@ieee.org>;  <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>