Security Basics mailing list archives
RE: application for an employment
From: "c.s.wright" <c.s.wright () unn ac uk>
Date: Mon, 3 Apr 2006 23:10:30 +0100
Hi Mike

The main point comes to what is illegal. Criminal and illegal are different things. Speeding is illegal but only criminal in certain instances. I would not look at these as being "questionable but completely legal" as the act is not completely legal - it is just not criminal or enforcible without damage.

A legal distinction maybe, but a distinction none the less.

Regards
Craig
(Uni account as disclaimer too long on work one)

-----Original Message-----
From: Mike Fetherston [mailto:mike_sha () shaw ca]
Sent: 3 April 2006 11:20
To: 'Ansgar -59cobalt- Wiechers'; security-basics () securityfocus com
Subject: RE: application for an employment
Most people who use the Internet in any of its means do not port scan systems.
Entirely besides the point.
Craig, I'll agree with you there; it's been a very long time since I've scanned a publicly available host. Many people who use not only the internet but many other public resources do _not_ do a lot of things that are considered completely legal. There are many activities that are questionable but completely legal.
This is a simple reasonableness test. If you want to send mail - do you have to scan a site - the answer, No. When going to a web site do you have to check if they have an IPsec VPN to the host, the answer, No.
How do I find out about the mail server? How do I find out about the webserver? How do I get permission to access them?
You must make a connect();
The idea that completing a DNS request could be in ANY way equated to port scanning is ignorant and negligent as a suggestion given the knowledge of the person who stated it.
I would like to clarify my statement from my previous e-mail. I stated:

"Pointing a web browser to a server that does not offer any http/https services could be thought of as a "port scan". Same with accidentally pointing anything, whether it be telnet, ssh, ftp, r*, or any kind of network tool, at a server that does not offer those services. A connect has to be made to find out if you can use that service. There is nothing malicious in that."

First off, I put "port scan" in quotes, meaning that, in concept, the two can be similar in that they both need to connect to a port. I should have stated _that_ instead of simply using the quotes. That statement was not an attempt to create a 1:1 equality between client connects and a port scan.

When I said "thought of as a "port scan"" I was saying this from the point of view of a paranoid sysadmin. From that POV, any kind of attempt to connect to any service other than what you offer sets off alarms. "Why is this IP constantly trying to connect to <insert IANA port numbers here> when I don't offer those services?" Well, maybe it's a misconfigured, misinformed, or compromised client, or set of clients. I would not send the law to anyone's door because of this.

What's the difference between simple client connects and someone using nmap to do a quick sweep of ports (i.e. -p U:53,T:21-25,80,8080)? Not much other than the nmap scan happens quicker.

A simple attempt to connect to a port is not illegal. It can be considered questionable and may raise concerns, but not illegal by any stretch. We get into illegal acts when that data that's been collected has been used to perform some sort of attack, whether it be successful or not.
In response to:

Bottom line: "If you don't want your property trespassed, don't put it into public places"

Rights (for right or wrong) are rights.

True. But I seriously doubt that some rights claimed in this discussion actually exist. That's what I'm objecting to.
I don't think that looking is illegal. I've been refraining from using any kind of analogies in this discussion but... I walk into a public park and people look at me, not illegal. Someone peers through my window at night, illegal.

A portscan, in *my* opinion, is not trespass. Entering that service either by force or deception (i.e. a secured service) is trespass.

I don't think that this debate will ever end and will continually surface. Both sides of the argument have very valid points and neither is completely wrong.

Mike Fetherston