Security Basics mailing list archives

Re: Some technical errors


From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Wed, 5 Apr 2006 01:42:40 +0200

On 2006-04-03 Craig Wright wrote:
> Ansgar wrote..."Wrong. The only technical differences between a
> portscanner and dig are:
> - A portscan will report that a port is open/closed/filtered, whereas
>   dig will retrieve data after the connect.
> - A portscan may be run against a range of ports and/or a range of hosts
>   (giving you an overview of the network), whereas dig will only connect
>   to a single port on a single host."
>
> Last time I checked, a port scanner and dig did completely different
> tasks. So did an email client and a port scanner.

I'm not talking about tasks. I'm talking about what the programs do on
layer 4.

> Next, it has been proposed that an Internet user would need to port
> scan to send e-mail.

No. There is a major difference between may and must. However, a
portscan will deliver, even if there's no other source of information,
so it is a fallback if nothing else.

> A selection of a header is attached below as answer to the statement
> that this (a port scan) is needed. The header attached is one from a
> security focus message. The header demonstrates that the email is sent
> from a mail client.
[...]
> Now being the user in question generally sends email using a mail
> client. That the user does not have to port scan the site to send mail
> and that the act of sending mail is not aided in any manner from a port
> scan, how can port scanning a server to see if it runs SMTP be (to a
> reasonable man) considered valid?

Non sequitur.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
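
Added example, not part of the original post: a loopback-only Python sketch of the layer-4 point argued above, seen from the server side. Both clients complete the same TCP connect; the listener can only tell them apart by whether application data follows. The names `classify_connection` and `run_demo` are hypothetical, and the second client is a generic stand-in for any program that sends a request after connecting.

```python
import socket
import threading

def classify_connection(conn, timeout=0.5):
    """Label an accepted TCP connection by what follows the handshake."""
    conn.settimeout(timeout)
    try:
        data = conn.recv(512)
    except (socket.timeout, ConnectionResetError):
        return "connect-only"      # peer stayed silent or reset the connection
    if not data:
        return "connect-only"      # peer closed without sending a payload
    conn.sendall(b"reply:" + data)  # answer the request like a real service
    return "data-exchange"

def run_demo():
    """Run both client behaviours against a listener bound to 127.0.0.1."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # ephemeral port, loopback only
    srv.listen(2)
    port = srv.getsockname()[1]
    labels = []

    def serve():
        for _ in range(2):
            conn, _addr = srv.accept()
            with conn:
                labels.append(classify_connection(conn))

    worker = threading.Thread(target=serve)
    worker.start()

    # Client 1: connect, then close. Nothing above layer 4 is exchanged.
    c1 = socket.create_connection(("127.0.0.1", port))
    c1.close()

    # Client 2: same connect, then a request and a reply (constructed payload).
    c2 = socket.create_connection(("127.0.0.1", port))
    c2.sendall(b"query")
    reply = c2.recv(512)
    c2.close()

    worker.join()
    srv.close()
    return labels, reply

if __name__ == "__main__":
    print(run_demo())
```
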
