Security Basics mailing list archives
Re: application for an employment
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Tue, 4 Apr 2006 21:05:52 +0200
On 2006-04-03 David Gillett wrote:
Using a web server is NOT a port scan - in any manner.A portscan makes a connect(), a web browser makes a connect(). Please explain where exactly you see the difference. Especially on layer 4.A port *scan* involves multiple connect() calls (which may or may not succeed), to multiple ports and/or multiple addresses.
May involve (though it usually does).
The connections thus established are not actually used to render the service for which the port(s) accept connections.
So what? Why does that make the connect() evil? And I'm NOT talking about DoS'ing a host here.
Distinguishing between a web client access and a port scan isn't so hard. Why must you pretend they're indistinguishable?
You can distinguish between them on layer 4? Please elaborate. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- RE: application for an employment Craig Wright (Apr 03)
- Re: application for an employment Ansgar -59cobalt- Wiechers (Apr 03)
- Message not available
- Re: application for an employment Ansgar -59cobalt- Wiechers (Apr 05)
- Message not available
- Re: application for an employment Ansgar -59cobalt- Wiechers (Apr 03)
- <Possible follow-ups>
- RE: application for an employment David Gillett (Apr 03)
- Re: application for an employment Ansgar -59cobalt- Wiechers (Apr 03)
- Re: application for an employment Anthony Ettinger (Apr 03)
- Re: RE: application for an employment cwright (Apr 03)
- Re: application for an employment Ansgar -59cobalt- Wiechers (Apr 03)
- RE: application for an employment David Gillett (Apr 04)
- Re: application for an employment Ansgar -59cobalt- Wiechers (Apr 04)
- Re: application for an employment D. Bolliger (Apr 05)
- Re: application for an employment Micheal Espinola Jr (Apr 05)
- Re: application for an employment Ansgar -59cobalt- Wiechers (Apr 03)
- Re: application for an employment Ansgar -59cobalt- Wiechers (Apr 03)
- Re: application for an employment Ansgar -59cobalt- Wiechers (Apr 03)