Home page logo

nanog logo nanog mailing list archives

RE: Stealth Blocking
From: <alex () yuriev com>
Date: Fri, 25 May 2001 00:03:26 -0400 (EDT)

    What's so bad about pre-emptive open-relay scanning is that if you feel
that is justified, you pretty much have accepted that anybody who pleases
may scan anybody else's network for any weakness he or she would like to
probe for.

Whether you like / agree with it or not, this is happening and you can't
stop it.  Even back in the very early 90's you pretty much couldn't put a
system on an internet connected network without people probing it,
attempting to log into it, etc.

There's a big difference between open-relay testing and port scanning /
vulnerability probing.  Saying that the former will lead to more of the
latter is silly with current levels of the latter we already have.  I've
seen new systems hacked within 24h of being put on the net on a previously
unused IP.  Any argument that open-relay scanning will lead to more
vulnerability scanning is just silly.

No, this is a totally valid argument. The reason is that process of scanning
for vulnerabilities is not in any shape or form different from scanning for
open-relays. Please explain to me who are you to determine what is a "right"
and what is a "wrong" reason?


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]