Comment by lxgr

10 hours ago

In such a world you can say goodbye to any kind of free Wi-Fi, anonymous proxy etc., since all it would take to burn an IP for a year is to run a port scan from it, so nobody would risk letting you use theirs.

Fortunately, real network admins are smarter than that.

Pretty much. I think there's also a responsibility on the part of the network owner to restrict obviously malicious traffic. Allow anonymous people to connect to your network and then perform port scans? I don't really want any traffic from your network then.

Yes, there are less scorched-earth ways of looking at this, but this works for me.

As always, any of this stuff is heavily context-specific. Like you said: network admins need to be smart, need to adapt, need to know their own contexts.

  • This is how you get really annoying restrictions on public networks, because some harmless traffic will inevitably be miscategorized by an overeager firewall/DPI system.

    I’m not saying that there should be zero consequences for allowing bad traffic from your network, but there’s a balance, and I would hate a world in which your policy were more common.

    Arguably we are already partially living in that world, as some companies are already blanket-banning entire countries, VPNs etc., rather than coming up with more fine-grained strategies or improving their authentication systems to make brute force login attempts harder. It’s incredibly annoying.

  • Do you feel coffee shop WiFi should require you to scan your passport to connect, or that it shouldn't exist at all?