Security Basics mailing list archives
RE: Legal? Road Runner proactive scanning.
From: "Mark Medici" <mark () dbma com>
Date: Fri, 12 Mar 2004 18:31:38 -0500
From: Bryan S. Sampsel [mailto:bsampsel () libertyactivist org]
Sent: Friday, March 12, 2004 11:23 AM

> If you're the customer. However, if you're not the customer, they have no
> legal right to scan your resources.

That's a different matter, but still it's not illegal, at least not under any law that I have seen. But IANAL or a cop, YMMV and all that stuff.

While I might not like someone scanning my ports, there is nothing particularly bad about it, unless it is done in such a way as to constitute a denial-of-service attack or harassment. Now, how the person scanning uses that information may be illegal (attempting an exploit) or negligent (unauthorized disclosure to third parties).

Port scanning is such a common and innocuous occurrence that there's no reason for it to even be a part of your normal IDS alerts or reports. Just block it and log it and ignore it unless/until there's an escalation, then go back to the raw logs for evidence. Of course, if the port scans make it through to your DMZ or internal network, then I'd want to see alerts from the IDSs in those zones.

As for testing all connecting SMTP servers for the presence of open relay/proxy, I think this is a matter of self preservation and a feature I'd personally like to see my MTA provide. It's hard to argue against something that makes good common sense.

If it makes you feel better or more secure to firewall-off every IP that scans your ports or checks for open relays, then go ahead and do it. But expect to keep busy, and potentially lose communications from bona fide customers in the process.
Current thread:
- Legal? Road Runner proactive scanning. jbod (Mar 09)
- Re: Legal? Road Runner proactive scanning. Greg (Mar 10)
- Re: Legal? Road Runner proactive scanning. Bryan S. Sampsel (Mar 11)
- <Possible follow-ups>
- Re: Legal? Road Runner proactive scanning. Mitchell Rowton (Mar 11)
- Re: Legal? Road Runner proactive scanning. steve (Mar 12)
- RE: Legal? Road Runner proactive scanning. Aditya, ALD [Aditya Lalit Deshmukh] (Mar 15)
- RE: Legal? Road Runner proactive scanning. Mark Medici (Mar 12)
- RE: Legal? Road Runner proactive scanning. Bryan S. Sampsel (Mar 12)
- RE: Legal? Road Runner proactive scanning. Aditya, ALD [Aditya Lalit Deshmukh] (Mar 15)
- RE: Legal? Road Runner proactive scanning. Bryan S. Sampsel (Mar 12)
- Re: Legal? Road Runner proactive scanning. Gnuthad (Mar 15)
- RE: Legal? Road Runner proactive scanning. Mark Medici (Mar 15)
- RE: Legal? Road Runner proactive scanning. Bryan S. Sampsel (Mar 15)
- Re: Legal? Road Runner proactive scanning. Greg (Mar 10)