Security Incidents mailing list archives
Re: Scanning. Is it dangerous?
From: arcade () KVINESDAL COM (Rune Kristian Viken)
Date: Sun, 7 May 2000 11:27:33 +0200
On Mon, 01 May 2000, you wrote:
My question is how the recognized simple scanning is described in your IT security policy and why scanning is so dangerous for you?What useful purpose does a "user" have for scanning for random ( or specific ) hosts, or random ( or specific ) ports on your LAN or someone elses network ??
Sorry for the late answer. You include "all categories" in your question. I would like to concentrate on "specific hosts" or "specific ports". Everyone learns TCP/IP some way or another. I learned it by reading some material on "portsurfing" and "exploring the net around you". I picked myself hosts, and connected to well known ports, such as 21, 25, 79, 80, 110, 119, and so on. On the ftp, i tried to log in as anonymous, and so forth. I was exploring - and learning. It also happened (and still happens) that I scan a host for "what services does it run? and what OS is it?" - just out of curiousity. Also, when I receive spam I have a tendency to connect to the smtp server the spam originated from. Check their maild version and so forth. If its an old sendmail, I scan their lower ports -- and more often than not find that the system has more holes than swiss cheese. Its time to contact the admin, and explain something about "network security" to him. In other words, there are three very good reasons (probably more) to do a bit of "scanning". You *learn* by it, you satisfy your *curiousity* on what the other host is actually offering, and if you receive unwanted material(spam), you can check if it probably was relayed through the host (and therefore contacts them politely) - or if it probably was done,with purpose, by the box' admin (that's when you contact their ISP, politely :). -- "Rune Kristian Viken" <arcade () kvinesdal com> / arcade@irc (EFnet/IRCnet)
Current thread:
- Scanning. Is it dangerous? Sarunas Krivickas (Apr 29)
- Re: Scanning. Is it dangerous? Sebastian (May 01)
- Re: Scanning. Is it dangerous? Roelof Temmingh (May 01)
- DNS Probes Damian Gerow (May 01)
- Re: Scanning. Is it dangerous? John D. Burkett (May 01)
- Re: Scanning. Is it dangerous? Rune Kristian Viken (May 07)
- Re: Scanning. Is it dangerous? Ryan Russell (May 01)
- Re: Scanning. Is it dangerous? jms (May 02)
- Re: Scanning. Is it dangerous? Jose Nazario (May 03)
- Scanning. Is it a consumer right? ethan preston (May 02)
- Re: Scanning. Is it dangerous? jms (May 02)
- Re: Scanning. Is it dangerous? Russell Fulton (May 01)
- <Possible follow-ups>
- Re: Scanning. Is it dangerous? -reply Joseph, Lorne (May 01)
- Re: Scanning. Is it dangerous? Don Tansey (May 01)
- Re: Scanning. Is it dangerous? Igor Gashinsky (May 02)