Security Basics mailing list archives
Re: FW: Legal? Road Runner proactive scanning.[Scanned]
From: Charles Otstot <charles.otstot () ncmail net>
Date: Fri, 12 Mar 2004 08:42:15 -0500
James P. Saveker wrote:
You consider a port scan to be an attack? Why is a port scan an attack? Do other people on this list agree with this? Perhaps I am naive, James Savekerwww.wetgoat.net
<snip to end>I would certainly consider port scanning to be an attack, based on the intention(s) implied by such activity. Although I am far from a security expert from a technical perspective, it seems to me that the answer to this question lies not in technical arguments, but rather on determining whether one has the right to access someone else's network without permission. I, for one, believe that noone (and no organization) has the right to access my network or any systems on that network without permission. Permission to access a given resource does not necessarily have to be explicit (i.e accessing a publicly hosted web page would generally be permissible), however, ordinary concepts of reasonableness (what a reasonable person would consider ok) certainly apply (e.g. intentionally accessing an accidentally accessible resource that is clearly intended to not be accessible would be considered improper). I would view port scanning, regardless of the source, as improper access to the network. It seems to me that a reasonable person would not consider it permissible for an outside entity (e.g a business competitor) to surrepticiously attempt (the breadth and depth of the access and the resources accessed without explicit permission would help one determine whether the attempt.is indeed surrepticious) to access resources on the network. A port scan against one or more hosts by an outside agent implies an attempt to find services with potential holes active on the network. That in, and of itself, implies that the scanner will utilize any information found to launch (further) attacks against specific hosts in an attempt to gain further access to the network. As the "scanee", I can only consider such access an unwanted, unauthorized intrusion with (likely) malicious intent. As such, I would necessarily view port scans to be an attack (even if only limited) against the network.
Charlie ---------------------------------------------------------------------------Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Current thread:
- Re: FW: Legal? Road Runner proactive scanning.[Scanned], (continued)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Ansgar -59cobalt- Wiechers (Mar 18)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Derek Schaible (Mar 18)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 19)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] David Gillett (Mar 18)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] ~Kevin DavisĀ³ (Mar 18)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Phil Brammer (Mar 19)
- Automatically encrypting and signing to a group of people w/ Outlook 2003? Mark G. Spencer (Mar 19)
- Re: Dos Attack Fernando Gont (Mar 15)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 15)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 16)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Phil Brammer (Mar 17)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 17)