Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: application for an employment

From: "David Gillett" <gillettdavid () fhda edu>
Date: Mon, 3 Apr 2006 17:38:43 -0700
Using a web server is NOT a port scan - in any manner. 


A portscan makes a connect(), a web browser makes a 
connect(). Please explain where exactly you see the 
difference. Especially on layer 4.


  A port *scan* involves multiple connect() calls (which may
or may not succeed), to multiple ports and/or multiple addresses.
The connections thus established are not actually used to render 
the service for which the port(s) accept connections.

  Distinguishing between a web client access and a port scan 
isn't so hard.  Why must you pretend they're indistinguishable?

David Gillett



---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: