Despite your good intentions and noble goals, I hold that there is no valid reason for a web server to try to make unsolicited connections to my system. A port scan detector I sometimes run on my network would automatically start dropping packets from your host and notify me and your ISP's IP range abuse admin of the attack.It has to be manually overridden not to take those actions for a particular host or network range.
You may want to announce somewhere near your comment entry box that you'll be using this type of countermeasure so people don't think you're the one stirring up trouble. In most instances, I don't think people look any more kindly on port scanning of their systems than they do on spam. If you make it clear what's going on and why, you're likely to get more support for it.
I know I'm always happy to allow anti-cheating tests during games and such if I know what they are going to do and why. By agreeing to use a service which I know will be port scanning my systems, I would be agreeing to the scan. That's a much better scenario than you just scanning my network without telling me.
How do you deal with multiple people in the same community who share a pool of short-lived DHCP leases if you only check once per week?
In reply to Re^3: RFC: CPAN module for blocking open proxy requests
by mr_mischief
in thread RFC: CPAN module for blocking open proxy requests
by Gunnar
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |