Folks: I usually just lurk around here, and try to add value when I can, and moreover, enjoy the great value of everyone's experiences with security events and issues. The bottom commentary chilled me a bit when I read it, so I choose to comment. To whoever wrote the below commentary, please note I have a different point of view than you, and this is not a personal retort. Saying ISP's are responsible for the wrongdoing of people is like making the same analogy of making the phone company responsible for bookies doing illegal gambling, or making hardware stores responsible for selling hammers to murders. ISP's provide a means to communicate, that's all. Traffic filtration always has negative implications, from censorship to the more technically obvious ones of taxing the processing <CPU> limits of firewalls and routers and requiring additional ISP investment. All of these things solve the problem like cement seals up a crack in a sidewalk. Educating ISP's is a solution, but the real solution? Stop producing the broken tools that create these holes. SNMP was never meant to be a secured transport for performance information. Most all Internet protocols were designed in an age where the concepts of trust and machine / entity identification were assumed to be moot or unimportant. That landscape has changed, but we're still stuck with things like SNMP and SMTP that understand nothing about security, because they were not intended to, and were never coded to be so. Let's spend our time pushing commercial entities and the free source movements around the world to produce the secure transports for our data today, and less time trying to find culprits for the problem of dealing with the legacy of today. Finger pointing just produces a lot of confusing directions. If we all point our finger @ tomorrow, we'll get to a securer net a lot quicker. -T -----Original Message----- From: Security Coordinator [mailto:securityat_private] Sent: Tuesday, February 19, 2002 9:51 AM To: Peter Johnson; incidentsat_private Subject: Re: SNMP Scans 02/17/02 On Sunday 17 February 2002 23:23, Peter Johnson wrote: > > Do you think we should be reporting snmp scans to ISPs > or just a waste of time? Well, one way or another ISPs need to be fingered. I don't see other people in the security community saying much, so maybe its time someone started. ISPs ARE RESPONSIBLE for a lot of the security problems on the net today. How could someone do SNMP scans of a network unless ISPs let them get away with ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Feb 22 2002 - 13:11:18 PST