Dynamic IP log retention = 0?

Whether Covad chooses to enforce their AUP against port scanning is a
business decision up to them.

Yes, it's all a business decision. That kind of antisocial thinking is
the sort of thing that has allowed all manner of bad guys to remain
attached to the Internet.

Again, why worry about things out of your
control, especially when we are talking about port scanning.

Yes, why not talk about rapists and drug dealers instead. They're much
worse. It's just that this forum ... isn't for that.

I would think people have more pressing issues, guess not.

While I am all for increasing overall security on the Internet, the
reality is that there will often be devices that are attached that
are found to be vulnerable in new and intriguing ways. Port scanning
is a primary method for finding these vulnerabilities. To the extent
that an ISP might proactively port scan its own userbase, that's a good
use and probably a good idea (has tradeoffs), but bad guys finding
holes in random devices so that they can launch multiGbps attacks
against random destinations is a bad thing.

If your idea of "operations" is to make your router work and collect
your paycheck for another day, then this discussion probably does not
make any sense to you and you probably don't understand the importance
of the issue.

If your idea of "operations" is to ensure the reliable operation and
uphold the performance standards of an IP network, then it should not
be beyond comprehension that allowing miscreants access to the network
is one of many things that can adversely affect operations. If you
accept that the presence of miscreants on the network is a negative,
it shouldn't be hard to see that complaining about consistent and
persistent port scans from what is probably an identifiable host is
one way to make an impact.

... JG

Joe,

I'll respond to you and this will be my last reply to this thread because
I know I won't be able to change your mind. Saying a company's business
decisions are antisocial just because they aren't doing what you want is very
unhelpful. I don't know how many large ISPs you have worked for but I'm
not sure if you understand corporate budgets or politics.

If you consider people who port scan the bad guys of the internet then
obviously you and I are on two different planes of reality. I had a
discussion today with someone who I immensely respect where I talked about
port scanning and how people compare it to trying to break in to someone's
house. He disagreed and said that port scanning was like being a part of
the neighborhood watch and that trying to exploit any vulnerabilities you
find would be an attempted break in, I have to agree.

As for your second point of comparing port scanning to the heinous crimes
of rape I'll just ask, "have you lost your damn mind"? Seriously, port
scanning a machine compared to the horrid act of abusing someone sexually?
Seriously, what will be your next analogy, pedophiles are the same as file
sharers?

Port scanning can be a method to find vulnerabilities indeed but what of
those of us who port scan before we use certain services? I often scan
certain hosts before I use them to make sure they don't have gaping
vulnerabilities, should I go to jail? The op said nothing about an attack
but only a scan, so don't go there.

Your idea of operations seems simple because you have the black and white
barrier, there is no gray for you. Some of us actually have a larger
userbase and very small budgets. Now I'll say that the company I work for
goes after network abusers vigorously. To say that port scanners are
miscreants and abusers is your view.

I think everyone wants to stop botnets and exploits from spreading but
Joe, people don't have to answer to you just because you feel that you are
privileged because you have a role in the internet. Scanning and attacks
are two different things and I hope you realize this. If a host on my
network is attacking a host on yours I'm sure we will work to stop it
quickly. If you demand that I turn over the person who scanned you last
night at 12:52 am I may ignore you.

I wish you the best of luck against your crusade against the evil of port
scanning.

I know I won't be able to change your mind. Saying a company's business
decisions are antisocial just because they aren't doing what you want is very
unhelpful. I don't know how many large ISPs you have worked for but I'm
not sure if you understand corporate budgets or politics.

Ross - it doesn't help when you turn around and present another false dichotomy.

It's quite possible that Joe *does* understand corporate budgets and politics,
and *still* thinks that business decisions are antisocial. In fact, one can
fairly easily argue that *many* of our current socio-economic issues are due
to the fact that corporate decisions are in general required to be in the
stockholders' interests, not society's. In other words, they are in general
*by definition* anti-social.

So the correct phrasing is "How do we change the anti-social behavior into
something less anti-social which still pleases the stockholders?"

Seriously, what will be your next analogy, pedophiles are the same as file
sharers?

Paging Jack Valenti...

Vladis,

I'm not going to argue with you on a socio economic opinion that companies
who have stock holders are evil because they don't spend their funds where
they want you to and promote anti-social behavior by doing so. If you
think society's biggest problem is to stop port scanning then I hope you
succeed in your crusade. I think many of us have bigger problems than you
getting port scanned but if you ever truly get attacked, I'll be there to
help.

As a good friend of mine says "no one ever goes to work and says, how am I
going to suck today." We can all improve in our operations, public shaming
for not dropping one's other duties to hand over information that you
aren't privileged to is a bit sad.

</rant>
*nite*

Ross wrote:

We can all improve in our operations, public shaming
for not dropping one's other duties to hand over information that you
aren't privileged to is a bit sad.

No one asked anyone to "hand over information that they weren't privileged to". Trying to publicly shame someone for asking for this, when they asked for no such thing, is more than a bit sad.

What was requested is that Covad deal with their problem customer. Covad tried to claim that they couldn't deal with it because supposedly they don't have any logs of which customer had the IP less than 48 hours ago, which is just not very believable. There also wasn't any indication that Covad claimed they had more important duties to attend to and that this wasn't important to address - they just claimed they "can't" address it because they don't have log data to link the IP to the customer.

jc