Home page logo

nanog logo nanog mailing list archives

Re: netscan.org update
From: John Fraizer <nanog () EnterZone Net>
Date: Sat, 14 Oct 2000 00:21:11 -0400 (EDT)

On Fri, 13 Oct 2000, Mark Milhollan - Franklin Employee wrote:

John Fraizer writes:
If someone doesn't want
people sending ICMP echo-request to their network, they need to block it
at the borders.  If they do that, even if they have amp nets inside, they
won't be available for abuse from the outside.

Only from ICMP echo-request based DDoS', others will still be available. 
They'd have to block all traffic to their broadcast addresses, which is
pretty much what ``no directed broadcast'' does anyway.

Um, did I say anything about other types of DDoS?  The thread, which is
nearly three weeks old BTW, was about netscan.org and scanning for SMURF
amp nets.

In any case, I find scanning for SMURF amps and scanning for
vulnerabilities to be quite different.

Can't say I agree, since in fact they are both "vulnerabilities".

I would have hoped that you would have read the entire thread prior to
composing your reply.  Had you done so, perhaps your opinion might be
different.  In any case, the thread has been quiet for weeks now.

This is already too damn close to the usual thread about the other
active scan for my comfort.


So why stir it more?

John Fraizer
EnterZone, Inc

  By Date           By Thread  

Current thread:
  • Re: netscan.org update Mark Milhollan - Franklin Employee (Oct 14)
    • Re: netscan.org update John Fraizer (Oct 14)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]