[unisog] CHE 3/15: The Growing Vulnerability of
pauls at utdallas.edu
Tue Mar 12 19:14:16 GMT 2002
--On Monday, March 11, 2002 1:16 PM -0800 Tom Perrine
<tep at SDSC.EDU> wrote:
> We are at the point where the only reason to notice scans
> is for our security research, to generate some statistics
> and to "prove" that we still need to "do" security.
We are too, and this concerns me. I worry that we are
missing something serious amidst all the "noise". One
thing is for sure. We need better tools to sift the wheat
from the chaff, because the level of traffic is making "the
old ways" highly inefficient.
> Reporting these scans to J. Random ISP in the US or
> anywhere is almost always a waste of time. All the
> people who care have worked hard to fix their systems and
> you won't get scanned from them, and those that haven't
> fixed their systems are never going to.
Our experience is the same here as well, and that also
concerns me. ISTM that at some point these networks need
to clean up their act. If it doesn't happen voluntarily,
then expect governments to step in and "solve" the problem,
and that worries me more than anything.
Paul Schmehl (pauls at utdallas.edu)
Supervisor of Support Services
The University of Texas at Dallas
AVIEN Founding Member
More information about the unisog