Re: Providers blocking portscans - bad news for pentest?

From: Maarten Hartsuijker (subscriptions@hartsuijker.com)
Date: Wed Jul 06 2005 - 15:23:25 EDT


Hmmm, I hope your ISP is not setting a trend over here in NL. So far,
fortunately, I have not noticed any portscan blocking at my ISP. Using
a low-tech ISP appears to have its advantages as well ;-)

Personally, I still don't know if I consider blocking based on port scans a
good or a bad thing. For instance: what would happen if someone decides to
spoof the IPs of a couple of subnet-neighbours while portscanning? Or the
IPs of the DHCP/DNS servers (I hope these are whitelisted)?

Maarten

> There is another consequence of this development. If providers start
> blocking suspect TCP/IP traffic then we will have to do our portscans from
> an IP-address near to the Internet entry point of our customers. But
> usually my customers don't have a free patch from where I could scan their
> external firewall interface. Most often they use an ADSL connection
> themselves to do their external portscans.
>
> And what if providers start filtering TCP/IP traffic? Then portscans will
> become very unreliable.
>
> Maybe this is "old news" for most of you, but since I haven't seen a
> discussion about this, I thought I should mention it.


