Security Basics mailing list archives
Re: FW: Legal? Road Runner proactive scanning.[Scanned]
From: "Bryan S. Sampsel" <bsampsel () libertyactivist org>
Date: Wed, 17 Mar 2004 13:02:32 -0700 (MST)
OK. For the cheap seats...

Ansgar -59cobalt- Wiechers said:
> On 2004-03-15 Bryan S. Sampsel wrote:
>> No regular, authorized user should be scanning. That user will be provided the information as necessary. Sorry.
>
> You are going to explain how you are going to do that, e.g. for publicly available services on ports that are not well-known, aren't you? And even if so, what's it hurt if someone goes finding out for himself? I still don't get your point.

Simple. A connection attempt from an established known service, such as HTTP, IMAP, SMTP, etc, is NOT the same as a portscan. Somebody attempting to utilize specific, known services is not performing the same action...and I can check my logs to watch for abusive patterns (excessive ftp logins, etc). A portscan is a method of taking a wide-angle snapshot of my system. Not quite the same thing. Hope that explains it.
> How else should I call hiding the services you provide by prohibiting portscans (or trying to)?
Preventing an unauthorized person from scanning my box is merely the first step in protection...I guess I can buy the obscurity label. But, using that as a first step isn't wrong. It's merely a piece of the protection...perhaps it might be akin to using window blinds. They don't keep people from breaking in the window, but do prevent people on the street from peeking at the inside of my house to decide if it's worth breaking into or not (stereo, TV, whatever).
>> Portscans are comparable to somebody checking all my windows and doors to see if they're unlocked.
>
> So? Lock them already, if you don't want them to be open.
That is irrelevant. Even were I foolish enough to leave a system unprotected, nobody has the right to poke around it, let alone molest it. Same holds true for my house. Even an unlocked door does not allow somebody to trespass.
>> I have a mail box out front for communication and a phone. People can call me. But them attempting to find other ways into my house is trespassing. And such activity can indicate an attempt to break in is forthcoming.
>
> This analogy was born without legs. A portscan is a means of finding out what services you are providing to the public. Nothing more. Nothing less.
No. A portscan is more than that. If you wish to see if I run a website, use your browser. If you wish to send email to that box, send email. Let the known, public services do what they're intended to. Unless I authorize you, the rest is none of your business.

bryan