[ On Sunday, May 19, 2002 at 03:16:28 (-0700), Dan Hollis wrote: ]
> Subject: Re: "portscans" (was Re: Arbor Networks DoS defense product)
>
> On 18 May 2002, Scott Gifford wrote:
> > Before choosing an onling bank, I portscanned the networks of the
> > banks I was considering. It was the only way I could find to get a
> > rough assessment of their network security, which was important to me
> > as a customer for obvious reasons.
>
> So for your offline banks, do you also go to the local branches at night
> and jiggle all the locks to make sure their doors and windows are locked?
That analogy is fundamentaly flawed. For one the Interent is never
locked after hours -- there is no "after hours", it's always open!
There are also no sign posts at every router on the Internet. The only
sign-posts are the responses you get from trying a given door -- either
it opens or it doesn't. Unless you actually try to go somewhere in
TCP/IP-land you won't know whether or not you can get there. A good
firewall makes it appear for all intents and purposes that there's no
door handle to wiggle in the first place.
--
Greg A. Woods
+1 416 218-0098; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Planix, Inc. <[EMAIL PROTECTED]>; VE3TCP; Secrets of the Weird <[EMAIL PROTECTED]>
