Home page logo
/

nanog logo nanog mailing list archives

RE: Stealth Blocking
From: "David Schwartz" <davids () webmaster com>
Date: Wed, 23 May 2001 15:11:27 -0700



Third, the new 'rule' MAPS just came up with now is that you
must keep your
server open to their 'testing', or they'll blackhole you. See
for yourself:
http://www.dotcomeon.com/nph-rss-remove-blocking.html
That is the reason given for blocking us the second time
around. No new
'evidence', just open wide for inspection and say ahhh...

Uhhh... so how do you propose that relays are tested to make
sure they're
closed before being removed from the database?

This is the very thing they considered abusive just a few months ago.
Wasn't it MAPS that blocked ORBS for scanning Abovenet's ports in the
first place? So now they took their rival's worst rules and made it their
own. Now it's my turn to say absolute rubbish.

        You're obscuring a very fundamental difference. ORBS scans everyone, with
no provocation. This is like checking if your neighbor's gun is loaded while
it's in his safe. MAPS scans those who have created problems for its
customers in the past. This is like checking if your neighbor's gun is
loaded while it's pointing at you.

        Once you connect to me, and in so doing create a problem for me, you have
no right to complain when I connect back to you. But if you connect to me
without provocation to search me for vulnerabilities, that's a horse of
another color.

        DS



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]