[Dshield] some newbie questions

Kenneth Coney superc at visuallink.com
Tue Oct 28 18:29:47 GMT 2003


Subject: Re: [Dshield] some newbie questions
From: Brian Dessent <brian at dessent.net>
Date: Fri, 31 Oct 2003 19:26:56 -0800
To: General DShield Discussion List <list at dshield.org>

Well..., I think of a firewall as being a good front door and the report is 
what you see when you look out your window.  Using the same analogy the 
recent trend in 135 and 445 attacks is like intruders trying your side 
door.  Hopefully you had good locks and kept them out.  Everyone else is 
just prowlers up to no good and door to door salesmen.  Not worrying about 
it is a lot like looking out the window and seeing a prowler who tried your 
door go try someone else's.  Should you call the cops and get involved or 
not?  What kind of neighborhood do you want to live in?  For too long the 
consumers were unaware of the "random pings, scans, and other miscellaneous 
packets."  That's a lot like saying we weren't looking out the window. 
Well we are looking now.  A lot of consumers are saying this is going to 
stop.  Let them confine their random pings and scans to their own net.  And 
definitly not on our doors.  Ce la vie...

<snip>

"In my opinion people tend to get a little too worked up over stuff that
comes in on the public side of their firewalls.  If you connect a
machine to the internet, you just have to expect to receive all kinds of
random pings, scans, and other miscellaneous packets.  That's just how
it goes.  The whole point of a firewall though is that it drops all that
crud at your doorstep."
<snip> ...
"That's just how it goes.  The whole point of a firewall though is that it 
drops all that crud at your doorstep.  You really shouldn't worry too much 
about packets that you discard, unless of course they are taking up some
significant amount of resources. "
<snip>

Brian








More information about the list mailing list