"Paul D. Robertson" wrote:
> In that case, they'd probably be more interested in putting a stop to
> you, and you'd perhaps run afoul of the law if you hit one of their
> customer's machines. I'd recommend against it. Also, if they source
> spoofed, you'd be scanning a bunch of other networks that don't belong to
> an attacker. If those were the right networks, you'd probably be in
> court pretty quickly if anyone backtraced the traffic to your AS. I'd
> highly recommend getting competent legal advice from an attourney with a
> clue prior to initiating anything like this.
Obviously one would check for legal ramifications before actually
implementing such a system.
It does seem interesting, though, that the general feelings expressed
here are that it would be much worse to implement such a system than
it is for the people who are doing the port scanning. In the one case,
you have someone trying to get ISPs to take care of their own problems
and in the other case you have someone who is actively seeking systems
to exploit and sometimes causing extremely serious damage to those
systems.
So why is port scanning by hackers so much less objectionable than a
port scan by someone trying to get action taken against the hackers?
Eric Johnson
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
