I agree completely!

The point is not that a person is knocking on your door, but doing it to the entire neighborhood; and there's no really good way to tell a knock from a guy with a lock pick. The knock may not be enough (and probably shouldn't be) to set off an IDS, but doing so to every system on a network is out of hand and certainly will trigger alarms. And this isn't like a door-to-door salesman, but much more like a mysterious character knocking on all the doors but without announcing his intentions. I know I'd have my guard up if that happened in my neighborhood; why should security professionals who already get grief for failing to cover every single hole be any less concerned?

Furthermore, it's all too true that a line has to be drawn. It's one thing to look at someone's house--even at length--and notice things about it like which windows are open and which are usually unlocked, etc. It's another to go right onto the property and being inspecting the place in detail (i.e. a port scan) for weaknesses.

Quova has stopped short of that, but the way in which they've gone about their door-knocking is enough to give pause to even the most laid-back admin. This is not one isolated network they're pinging but many, indeed a large part of the Internet. If someone's walking down every street and checking every door, I want to know why.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/56/2532#2532