Security Basics mailing list archives
RE: FW: Legal? Road Runner proactive scanning.[Scanned]
From: "Shawn Jackson" <sjackson () horizonusa com>
Date: Thu, 18 Mar 2004 08:58:08 -0800
> I'll agree that the hotel analogy is flawed, because the effort required by the hotel operator to answer such questions is proportionally much larger than the effort required of a host and associated network equipment to process a bunch of niladic connection requests.
I've done aggressive portscans on all kinds of different hosts and would be very surprised to see even a low-end box register a meaningful difference in an uptime printout.
> But this is a "fundamental" flaw ONLY if you assert that the effort in the network case is ZERO -- and it's not. The threshold at which it becomes a denial of service is much higher, thankfully, but even without reaching that threshold it's an abuse of the host owner's bandwidth and CPU resources for connections which the scanner never intends to actually use.
The flaw is more 'fundamental' than just an incorrect assertion of resource use. First, let's get out what a port is. A port is a communications channel which the operating system uses to translate network traffic to a process or thread running within the operating system. The port itself is not the process or thread and does not respond or process requests, it is merely the visible edge of the translation system. Now, that said, that 'process' is extremely quick, yes even in Windows :-), and doesn't cost that much in the way of CPU load, memory usage, etc. Additionally, portscan packets are extremely small, basically just a quick SYN->ACK sequence, so even an aggressive portscan won't use that much network bandwidth.
> (Actually, this illustrates an aspect which the "rattling doorknobs and windows" analogy completely fails to capture.) Portscans have costs and, in some cases, consequences. These are usually quite minor, but that's a matter of degree rather than of ethical principle.
Portscans do have costs, but a portscan is un-intrusive by nature. It doesn't care what a service is, or how it works. All it cares about is the port open. You can't compare a portscan to doors or windows because their functions are fundamentally different. A portscan would be more like saying, is there a door there, not actually using it. Ethics should play a major role in how you use any hacking tool, IMHO.

Shawn Jackson
Systems Administrator
Horizon USA
1190 Trademark Dr #107
Reno NV 89521
www.horizonusa.com
Email: sjackson () horizonusa com
Phone: (775) 858-2338
(800) 325-1199 x338