Nmap Announce mailing list archives
Re: Examples of legit nmap usage?
From: Bennett Todd <bet () mordor net>
Date: Mon, 20 Sep 1999 18:32:21 -0400
1999-09-20-15:52:27 Andreas Kostyrka:
[ a lengthy explanation of the deficiencies of the "hard outside, shoft chewy inside security design, with poor internal security and a firewall ]
I don't disagree with you; I sincerely hope that a combination of replacing bad OSes with good ones, replacing bad apps with good ones, and using good automation and management tools will make it possible to systematically harden the inside to the point where we can toss the firewalls. I don't defend the poor-internal-security design; I simply caution it exists. The fact is, there are machines on in-house nets that nmap will crash. It's not good that they exist. Keeping them around and unprotected where any in-house user can crash them is not a good practice. Lobbying to improve things is a good professional pursuit. But doing unauthorized things (e.g. a big nmap scan) that goes out and crashes them needlessly is a bad idea, particularly if people can figure out that it was you who did it when they need someone to blame. The argument "they shouldn't have left a crashable machine like that" won't impress management, you'll still catch the blame, and the severity of the consequences will depend more on who got inconvenienced and how badly than on what you did. -Bennett
Current thread:
- Examples of legit nmap usage? Foust, Adam G. (Sep 17)
- Re: Examples of legit nmap usage? Bennett Todd (Sep 17)
- Re: Examples of legit nmap usage? David Carmean (Sep 17)
- Re: Examples of legit nmap usage? Joel Eriksson (Sep 18)
- Re: Examples of legit nmap usage? Bennett Todd (Sep 20)
- Re: Examples of legit nmap usage? Andreas Kostyrka (Sep 20)
- Re: Examples of legit nmap usage? Bennett Todd (Sep 20)
- Re: Examples of legit nmap usage? Bennett Todd (Sep 17)
- Re: Examples of legit nmap usage? Lamont Granquist (Sep 20)
- Re: Examples of legit nmap usage? Max Vision (Sep 21)
- IP fragment overwriting bug exploitation Lamont Granquist (Sep 21)
- reverse frag scanning patch Lamont Granquist (Sep 22)
- <Possible follow-ups>
- RE: Examples of legit nmap usage? Rob Shein (Sep 17)
- RE: Examples of legit nmap usage? Scott Hardy (Sep 20)
- Re: Examples of legit nmap usage? Foust, Adam G. (Sep 21)