Security Basics mailing list archives

Re: FW: Legal? Road Runner proactive scanning.[Scanned]

From: "Bryan S. Sampsel" <bsampsel () libertyactivist org>
Date: Thu, 11 Mar 2004 18:01:29 -0700 (MST)

On Thu, 11 Mar 2004, James P. Saveker wrote:

Date: Thu, 11 Mar 2004 22:08:27 -0000
From: James P. Saveker <james () wetgoat net>
To: security-basics () securityfocus com
Subject: FW: Legal?  Road Runner proactive scanning.[Scanned]

You consider a port scan to be an attack?

Why is a port scan an attack?  Do other people on this list agree with this?

Perhaps I am naive,


Yes, I consider a port scan to be an attack.  It is a probe to inspect my 
system, quite often a precursor to an actual attack if performed 
successfully.

It is not unusual to look at a port scan in this fashion...

To be more explicit, sometimes a portscan can be an indicator of system 
problems elsewhere.  I once reported activity from one particular 
server...the owner replied that he wasn't running any sotware like that 
and after inspecting his box, found he had a rootkit installed.  The user 
of the rootkit was probing my system.

One offender found he had a virus-infected system out there...never had a 
problem after that.

I've correlated data between port-scans and failed attempts to exploit my 
ftp daemon.  Makes for some interesting stuff sometimes...

IMO, yes, a portscan is an attempted breach.

bryan

 -- 
=======================================================
"Let your gun be your constant companion on your
walks...this gives exercise to the mind and independence 
to the mind...no free man shall ever be debarred the use 
of arms." 
                        --Thomas Jefferson
=======================================================


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

FW: Legal? Road Runner proactive scanning.[Scanned] James P. Saveker (Mar 11)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 12)
  - Re: FW: Legal? Road Runner proactive scanning.[Scanned] Ansgar -59cobalt- Wiechers (Mar 15)
    - Re: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 16)
    - Yet another thread on the legality of port scanning Mortis (Mar 17)
    - Re: Yet another thread on the legality of port scanning Charley Hamilton (Mar 17)
    - Re: Yet another thread on the legality of port scanning Ansgar -59cobalt- Wiechers (Mar 18)
    - Re: Yet another thread on the legality of port scanning ~Kevin Davis³ (Mar 19)
    - Re: Yet another thread on the legality of port scanning Charley Hamilton (Mar 19)
    - Re: Yet another thread on the legality of port scanning Ansgar -59cobalt- Wiechers (Mar 23)
    - RE: Yet another thread on the legality of port scanning Mortis (Mar 18)
    - Re: Yet another thread on the legality of port scanning Barry Fitzgerald (Mar 18)

(Thread continues...)