Security Basics mailing list archives
Re: FW: Legal? Road Runner proactive scanning.[Scanned]
From: Charles Otstot <charles.otstot () ncmail net>
Date: Fri, 19 Mar 2004 13:28:22 -0500
Jef Feltman wrote:
Yes, it is reasonable. You agree to allow others to send packets to you host as soon as you connect it to the internet. By this act you give permission to the world. The port they send to does not make a difference as far as legal or not. Attaching a host to the internet is like opening your business to the public. There is no other way to request info about services available from a host other than a port scan. jef
To use your previous analogy...If your mother called you and said someone was knocking on various doors at her home, would you consider such activity alright or would you immediately call the police and report a possible prowler?
In response to your statement that "There is no other way to request info about services available from a host other than a port scan.": This statement is categorically false. One can contact the host owner through other means (e.g. email or the telephone) and *ask* what servies they intend to be publicly accessible. Indeed, I maintain that one is obligated to do so before communicating with any hosts on that owner's network whose services are in doubt. Basically, my belief is that if you don't own it, you have no right to access it without permission. If there is any doubt as to whether you have permission (even for a cusrory scan of seeing what might be there), you must ask, and receive permission before going any further. This is not a technical concept, it is the simple moral concepts of right and wrong and of respecting the rights of others.
Charlie
<snip>
---------------------------------------------------------------------------Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Current thread:
- RE: FW: Legal? Road Runner proactive scanning.[Scanned], (continued)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 15)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 16)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Phil Brammer (Mar 17)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 17)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 15)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] David Gillett (Mar 16)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Charles Otstot (Mar 17)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 17)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] David Gillett (Mar 17)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Derek Schaible (Mar 17)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 19)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Charles Otstot (Mar 22)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] David Gillett (Mar 18)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 19)