[Dshield] some newbie questions
superc at visuallink.com
Tue Oct 28 18:29:47 GMT 2003
Subject: Re: [Dshield] some newbie questions
From: Brian Dessent <brian at dessent.net>
Date: Fri, 31 Oct 2003 19:26:56 -0800
To: General DShield Discussion List <list at dshield.org>
Well..., I think of a firewall as being a good front door and the report is
what you see when you look out your window. Using the same analogy the
recent trend in 135 and 445 attacks is like intruders trying your side
door. Hopefully you had good locks and kept them out. Everyone else is
just prowlers up to no good and door to door salesmen. Not worrying about
it is a lot like looking out the window and seeing a prowler who tried your
door go try someone else's. Should you call the cops and get involved or
not? What kind of neighborhood do you want to live in? For too long the
consumers were unaware of the "random pings, scans, and other miscellaneous
packets." That's a lot like saying we weren't looking out the window.
Well we are looking now. A lot of consumers are saying this is going to
stop. Let them confine their random pings and scans to their own net. And
definitly not on our doors. Ce la vie...
"In my opinion people tend to get a little too worked up over stuff that
comes in on the public side of their firewalls. If you connect a
machine to the internet, you just have to expect to receive all kinds of
random pings, scans, and other miscellaneous packets. That's just how
it goes. The whole point of a firewall though is that it drops all that
crud at your doorstep."
"That's just how it goes. The whole point of a firewall though is that it
drops all that crud at your doorstep. You really shouldn't worry too much
about packets that you discard, unless of course they are taking up some
significant amount of resources. "
More information about the list