On the one hand, I do appreciate that my ISP does security scans, presumably checking for vulnerable and compromised machines on its part of the network. Yay them. On the other, I really wish they wouldn't do this from their nameserver machines. Having all the machines in your resolv.conf black-holed for security violations makes life somewhat less fun than one might otherwise like...
Posted by Dan at March 11, 2004 09:26 AM | TrackBack (0)This is why IDS systems that actively install filters or, worse, initiate counterattacks are such juicy denial of service targets. By which I mean to say, "accomplices".
Posted by: Robert Sanders at March 12, 2004 07:04 PM