OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Jay D. Dyson (jdyson_at_treachery.net)
Date: Tue Jul 23 2002 - 18:32:01 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On Tue, 23 Jul 2002, euan wrote:

    > Is it really worth blocking an entire country because of a few
    > trivial-to-defend-against scans? Do you panic after receiving scans for
    > things like tcp 53 and 21? Perhaps you should consider changing your
    > IDS policies if you waste so much time investigating non-issues.

            It's not just the net.abuse, it's the *volume* of net.abuse and
    the sheer and utter lack of any caring by the admins over there.

            Look, I don't blackhole networks on a whim. After thousands upon
    thousands of scans (both human- and worm-sired), tons of repeated spam
    carpet-bombings on my mail servers, and other forms of net.abuse -- all of
    which was duly reported and summarily ignored by the cognizant parties --
    I saw no alternative but to blackhole not only China, but Korea and Taiwan
    as well.

    > How many of these scans/"hacking" attempts actually led to a successful
    > comprimise?

            On my systems? None. On your typical joe and jane user's system,
    more than I care to imagine. Does a lack of success on the part of the
    attacker excuse the attack in your mind? If someone tries to break into
    my house, I still have a legitimate gripe against their conduct.

    > Frankly this thread, complete with 11/09 references now, smacks of
    > xenophobia, and that is indeed a sad thing to see appearing on the
    > internet.

            Bah. If I saw the same sort of nonsense on an equally epidemic
    level with equally pervasive lack of concern by the cognizant parties
    coming out of Canada or U.S. universities, they'd get blackholed as well.
    So don't even bother trying to play that race card, sport. That bulldada
    won't fly. Period.

    - -Jay

      ( ( _______
      )) )) .--"There's always time for a good cup of coffee"--. >====<--.
    C|~~|C|~~| (>------ Jay D. Dyson -- jdysontreachery.net ------<) | = |-'
     `--' `--' `-- I'll be diplomatic...when I run out of ammo. --' `------'

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.7 (TreacherOS)
    Comment: See http://www.treachery.net/~jdyson/ for current keys.

    iD8DBQE9Ped0GI2IHblM+8ERAv4nAJ45gRqgWF62w0mRDx1LHT7dk/SCCwCcDIHK
    H8s55cNpyWabVOcLF5hvKrs=
    =e7Mk
    -----END PGP SIGNATURE-----

    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management
    and tracking system please see: http://aris.securityfocus.com