Security Basics mailing list archives
Re: FW: Legal? Road Runner proactive scanning.[Scanned]
From: Derek Schaible <dschaible () cssiinc com>
Date: 18 Mar 2004 12:08:47 -0500
On Wed, 2004-03-17 at 21:16, Ansgar -59cobalt- Wiechers wrote:
On 2004-03-17 Bryan S. Sampsel wrote:A portscan is a method of taking a wide-angle snapshot of my system. Not quite the same thing. Hope that explains it.No. I still fail to see how you are going to provide arbitrary users with the information I mentioned above.How else should I call hiding the services you provide by prohibiting portscans (or trying to)?Preventing an unauthorized person from scanning my box is merely the first step in protection...I guess I can buy the obscurity label. But, using that as a first step isn't wrong.I didn't say anything about wrong. I just don't see much sense in it.
Absolutely nothing wrong with it. there are methods we can all employ simply enough to prevent port scanning of those ports we are not providing. Really, there is no reason to complain about anyone scanning your host. It's silly, no analogy is needed. If hiding your service is your goal, realize obscurity isn't security. Is it worth obscuring? Sure, I guess, but its zero to your security - I guess its a fun exercise though.
It's merely a piece of the protection...perhaps it might be akin to using window blinds. They don't keep people from breaking in the window, but do prevent people on the street from peeking at the inside of my house to decide if it's worth breaking into or not (stereo, TV, whatever).Would you please stop making up stupid anlogies? Thank you. A port scan is not telling someone what's inside your house. It tells just which of the stores in the basement are open.
OK, the analogies are getting really silly. Can we put this to rest? If you don't know how to block port scans, maybe the question "How do I prevent portscanning?" should be asked. Regarding its legality is pointless - its meaningless, the act of it is harmless. Worse case? Your log files get filled up - maybe your logging is too agressive?? Abusive packets sent? this is a DoS and bears no responsibility to scanning. Any open port can be DoS'd. Your host does *not* need be scanned for this sort of activity to occur. Just what do we hope to accomplish by continuing this thread?? -- Derek Schaible <dschaible () cssiinc com> CSSI, Inc.
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: Yet another thread on the legality of port scanning, (continued)
- Re: Yet another thread on the legality of port scanning Barry Fitzgerald (Mar 22)
- Re: Yet another thread on the legality of port scanning Derek Schaible (Mar 19)
- Re: Yet another thread on the legality of port scanning Charles Otstot (Mar 22)
- RE: Yet another thread on the legality of port scanning David Gillett (Mar 19)
- Re: Yet another thread on the legality of port scanning Barry Fitzgerald (Mar 19)
- RE: Yet another thread on the legality of port scanning Yvan Boily (Mar 19)
- Re: Yet another thread on the legality of port scanning Murad Talukdar (Mar 19)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Ansgar -59cobalt- Wiechers (Mar 17)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 17)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Ansgar -59cobalt- Wiechers (Mar 18)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Derek Schaible (Mar 18)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Bryan S. Sampsel (Mar 19)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] David Gillett (Mar 18)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] ~Kevin DavisĀ³ (Mar 18)
- Re: FW: Legal? Road Runner proactive scanning.[Scanned] Phil Brammer (Mar 19)
- Automatically encrypting and signing to a group of people w/ Outlook 2003? Mark G. Spencer (Mar 19)
- Re: Dos Attack Fernando Gont (Mar 15)
- RE: FW: Legal? Road Runner proactive scanning.[Scanned] Jef Feltman (Mar 15)