Security Basics mailing list archives
RE: FW: Legal? Road Runner proactive scanning.[Scanned]
From: "David Gillett" <gillettdavid () fhda edu>
Date: Mon, 15 Mar 2004 09:33:19 -0800
So if someone comes and knocks on your door at home you shoot them? Do you consider them a criminal? No, you lock the door and windows. If your host is on the internet I consider it public and knocking on the door to see if the shop is open, is not a problem. If you do not want people coming in the door lock it and give a key to those who need it.
If someone chucks stones at my doors, walls, and each of my windows, to see if they're open or not, I call the police. The fact that I have an open front door to my place of business does not diminish my right to do so. The fact that one of my windows was also open does not diminish it. The claim that the vandal was "just checking for openings" does not absolve them when one of their stones breaks a window, either. (Some esoteric types of port-scan HAVE been known to crash insufficiently resilient pieces of network equipment. I do not believe that your claim that port scans have never done damage is supported by reality.) If I advertise my front door, I may be limited in my right to refuse service to people who come through it. If I leave the back door unlocked -- however foolish that turns out to be! -- that does not constitute an invitation for the general public to use the employee entrance. (If I were inclined to prosecute a passerby who came in that way to alert me that the building was on fire, he would be protected by the common-law defense of necessity, NOT some bogus "it wasn't locked" defense.)
Port scanning is not an attack it is probe.
A dentist who sticks his tools in my mouth without asking first commits assault. An alien abductor who spelunks my bowels is not a friend. Your implication that "probe" is never a subset of "attack" is spurious. Dave Gillett --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Re: FW: Legal? Road Runner proactive scanning.[Scanned], (continued)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Phil Brammer (Mar 19)
- Automatically encrypting and signing to a group of people w/ Outlook 2003? Mark G. Spencer (Mar 19)
- RE: Legal? Road Runner proactive scanning.[Scanned] David Gillett (Mar 12)
- Dos Attack Craig Spiers (Mar 12)
- Re: Dos Attack Fernando Gont (Mar 15)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Charles Otstot (Mar 12)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 15)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 16)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Phil Brammer (Mar 17)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 17)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 15)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] David Gillett (Mar 16)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Charles Otstot (Mar 17)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 17)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] David Gillett (Mar 17)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Derek Schaible (Mar 17)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 19)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Charles Otstot (Mar 22)