Security Basics mailing list archives
Re: FW: Legal? Road Runner proactive scanning.[Scanned]
From: Andy Blair <blai0015 () umn edu>
Date: Thu, 18 Mar 2004 13:05:16 CST
A portscan is a method of checking whether a service is accepting data or not. It's a simple connection that closes if the port responds. A denial of service would be flooding that port with so much traffic that it can't respond to other requests; that is not the case with a portscan. The hotel analogy is fundamentally flawed for this argument. You wouldn't be talking with the operator; a portscan would see if you can 'phone' the hotel, then when they pick up you verified the 'port' is open. Talking with the operator is akin to communicating with the port, thus you are 'browsing the page' and not just checking to see if the port is open.
Shawn
I don't think that is quite an accurate analogy either. The difference is that you are only using one phone line, or "port", to call the hotel. A better analogy would be if hotels had a standard set of extension lines that were tied to specific services that a hotel could offer. You could dial into each extension, not knowing whether that specific hotel offered the service. If someone picked up, the line for that service is in use. You would have to actually listen to the answer or ask the person on the other line to determine if a specific service were actually offered (simulating the TCP connection handshake).

When a scanner does OS detection or similar operations, more than just listening for the line to be answered is needed. It would wait for "Hello, Room Service" or something like that before disconnecting, and make its decision on what cuisine was offered by how the phone was answered. A port scan has to communicate with the port in at least a limited way. It has to at least receive a response to its probe in order for it to know the port is open, which satisfies a limited level of two-way communication.

To me, port scanning has to be legal. It is too difficult to make it illegal because things get too messy. If you required the machine owner's permission to scan, you start cutting off legitimate uses such as a program that may offer you different ways of connecting to a machine you have legitimate access to (it can check to see if you can connect via ssh, telnet, sftp, terminal services, etc.). It is a fine line between a program determining connection options and a malicious port scan. It is too hard to separate a legitimate jewelry store customer from one who is professionally casing the joint (inconspicuously looking at the windows and doors and walls while acting like a customer). Any law that attempts to do that will do more harm than good and will not work as intended.
AB