Re: Interesting Apache logs
From: Barry Margolin (barmar@genuity.net)Date: 03/26/02
- Next message: bsduser: "Re: ICMP Redirect interpretation"
- Previous message: Alan J. Flavell: "Re: Interesting Apache logs"
- In reply to: Alan J. Flavell: "Re: Interesting Apache logs"
- Next in thread: Alan J. Flavell: "Re: Interesting Apache logs"
- Next in thread: those who know me have no need of my name: "Re: Interesting Apache logs"
- Reply: Alan J. Flavell: "Re: Interesting Apache logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Barry Margolin <barmar@genuity.net> Date: Tue, 26 Mar 2002 00:25:33 GMT
In article <Pine.LNX.4.40.0203260049090.23243-100000@lxplus033.cern.ch>,
Alan J. Flavell <flavell@mail.cern.ch> wrote:
>I'm sorry: we (back at the campus - at cern I'm just another user and
>it's none of my business what their security scanner gets up to) try
>not to wait for victims to complain: known abuses are tested for, and
>nipped in the bud. I'm not saying that cases don't slip through, of
>course they do, but I'd like to see a more pro-active approach from
>other providers.
You've viewing it from a completely different perspective. Operating a
private campus network is different from operating an ISP, both in scale
(you don't have hundreds of thousands of customers, do you?) and in
customer expectations.
My cable modem ISP does (or at least used to -- they've gone through so
many mergers and acquisitions I don't know what their current policies are)
scan customer machines for certain problems; mostly things like
misconfigured WinGate, which allowed crackers to relay through the machine.
Many customers who did have firewalls would be alarmed at what seemed to be
port scans coming from the ISP's internal machines, until someone explained
to them that it was a preventative scan. Still, some customers felt that
it was no more proper for the ISP to be probing them than it would be for a
cracker; it's not the ISP's job to check up on them, they believed.
-- Barry Margolin, barmar@genuity.net Genuity, Woburn, MA *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups. Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
- Next message: bsduser: "Re: ICMP Redirect interpretation"
- Previous message: Alan J. Flavell: "Re: Interesting Apache logs"
- In reply to: Alan J. Flavell: "Re: Interesting Apache logs"
- Next in thread: Alan J. Flavell: "Re: Interesting Apache logs"
- Next in thread: those who know me have no need of my name: "Re: Interesting Apache logs"
- Reply: Alan J. Flavell: "Re: Interesting Apache logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
