Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: anti-spam vs network abuse

  • From: Charlie Clemmer
  • Date: Fri Feb 28 16:16:28 2003

Hash: SHA1

At 03:52 PM 2/28/2003 -0500, Andy Dills wrote:
>Why is probing networks wrong?

Depends on why you're doing the probing.

If you're randomly walk up to my house and check to see if the door is 
unlocked, you better be ready for a reaction. Same thing with unsolicited 
probes, in my opinion. Can I randomly walk up to your car to see if it's 
unlocked without getting a reaction out of you?

Where this thread got started, the scenario was around if I connect to your 
SMTP server to attempt to relay mail, is it then right to probe me for open 
relays and so forth. In that case, I can see the reasoning, as I initiated 
the connection, so you're checking to see if I'm sane or not. The line gets 
drawn though as to how much probing is reasonable ... can you probe my 
system for ALL open ports/exploits just because I tried to send mail 
through you, or can you probe all machines that fit in my address range 
(and how do you determine my address range?) ... that's where the larger 
debate comes in.

I have servers hosted at shared colo facilities. If you were to scan the 
entire netblock for my colo provider because a different customer at the 
same facility tried to send mail through you, how am I to determine your 
cause, or determine that it was not a scan for a vulnerability?

Just my opinions ...

Version: PGP 8.0


Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.