Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: application for an employment

From: Raoul Armfield <armfield () amnh org>
Date: Mon, 03 Apr 2006 09:19:06 -0400
Ansgar -59cobalt- Wiechers wrote:

On 2006-03-31 Craig Wright wrote:

The idea that you as a general Internet user have to scan a host to
find services is technically wrong and ludicrous in its inception.
Never has this been the case. The idea that having to connect to a
service could be justification for port scanning is incredulous to
state the least.


Please elaborate. Why do you believe this to be technically wrong. What
other mechanism than portscanning do you have at hand that will give you
an overview of which hosts run which services in a given network range?
DNS. Dig or nslookup is entirely different than a portscan. These two tools simply connect to your approved DNS server and pulls down records that I have made publicly available (advertised if you will). There is no protscanning involved. (unless of course you wrote your own version of dig :) ) 




This is a simple reasonableness test. If you want to send mail - do
you have to scan a site - the answer, No. When going to a web site do
you have to check if the have an IPsec VPN to the host, the answer,
No.


How do I find out about the mail server? How do I find out about the
webserver? How do I get permission to access them?
Why do you need to know if I am running a mailserver? If you have email then you have a mail server that you have permission to use. There is no reason to portscan my systems to see if I am running a mail server. If I want my mail server to me known about there will be a DNS server somewhere who has my MX record registered. This DNS will in turn register it with other DNS servers thus giving permission for others to find out about it. It could be said that registering with DNS is advertising these services thus granting permission. Same applies to webservices. Anything beyond that will be advertised via links on various sites. Why do you need to portscan my IP space to see if I have an FTP server running. If there is something there you need? 

Raoul


--
Raoul Armfield
rarmfield at amnh dot org

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. 
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: