Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Yet another thread on the legality of port scanning

From: "Mortis" <m0rtis () adelphia net>
Date: Tue, 16 Mar 2004 22:27:25 -0500
Anybody who wishes to communicate to my resources
can do so by normal
means: web browser, email, etc.


The normal means of communicating on the internet is via IP
packets.


All such
services will be published where
appropriate.


There is no place to publish open ports, accepted protocols,
and authorized users.


Simply providing one service does
not give tacit approval
for somebody to probe my resources.


The act of plugging a device into a public [@1] IP address
is your way of giving people permission to send packets to
it.

Anyone on the internet can send an IP packet to anyone else.
That's kind of the whole point.

Search around for the hundreds of reincarnations of this
thread.  The analogies have been done to death.  Keep
private services off the net.  Secure public services as
needed.

[@1] http://www.m-w.com/cgi-bin/dictionary?va=public
     6a accessible to or shared by all members of the
community
--
Mortis


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: