Security Basics mailing list archives
RE: FW: Legal? Road Runner proactive scanning.[Scanned]
From: "Bryan S. Sampsel" <bsampsel () libertyactivist org>
Date: Mon, 15 Mar 2004 11:41:08 -0700 (MST)
Jef Feltman said:
So if someone comes and knocks on your door at home you shoot them? Do you consider them a criminal? No, you lock the door and windows.
Not quite an accurate comparison. A portscan is comparable to somebody testing those locks and windows. An action that has legal ramifications. And legally speaking, a trespasser doesn't have to bypass a locked door to trespass. A knock is a "service" -- a method of communicating with my house. As is a phone or mail. Just a tad different than a security probe.
If your host is on the internet I consider it public and knocking on the door to see if the shop is open, is not a problem. If you do not want people coming in the door lock it and give a key to those who need it.
Still not an apples-apples. There are legit ways of communicating with my system.
Based on your statement no website should not be accessed by anyone other than an employee. Sending E-Mail would be a violation also, as the port must be checked to verify it can be opened to receive.
Nope. Email performs a handshake, it does not probe an entire system to communicate. If it receives no response on its connection attempt, it ceases activity.
Port scanning is not an attack; it is a probe. I have scanned many machines that have tried to attack my machine trying to verify if it is an attack or the host has been compromised. Unless the attack is currently in progress, the host is almost always taken over by a hacker or virus. Scanning the host allows me to find ports open that prove the host has been attacked and taken over. Then I am able to inform the ISP or user of the problem. And not go after some innocent user.
My IDS tells me who tried to attack/probe/portscan (pick one) and I inform the ISP or server owner (from WHOIS) and let them know the nature of the activity I'm seeing. I do not want to initiate the same type of activity against them, I want them to inspect and fix their problem. Blocking the attack is my business, inspecting and fixing it is theirs.
<snipped for brevity>
bryan