Re: application for an employment

[Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>]

On 2006-04-04 c.s.wright () unn ac uk wrote:
> > > Using a web server is NOT a port scan - in any manner. 
> >
> > A portscan makes a connect(), a web browser makes a connect(). Please
> > explain where exactly you see the difference. Especially on layer 4.
>
> Generally a port scan does not consist of connection to a single port
> on a single host. Sending a mail message is TCP 25. I connect. 1 Port.
> Using a web browser is TCP 80 (or other in some instances) 1 port 1
> connect.

So what? When using FTP I connect to more than one port, too, whereas a
web browser may open several connections to port 80 on the server. That
doesn't make one connect() evil whereas another isn't.

> Next a port scanner opens a port and does not complete the session. It
> opens and completes the TCP handshake (full scan - half scans, SYN etc
> even less).

So what? After a short while the session times out. TCP is explicitly
designed to handle this. That also doesn't make one connect() evil
whereas another isn't.

> A mail client connects to the SMTP server and sends a message (eg
> EHLO... HELO etc)

Irrelevant, because this happens on a higher layer and after the
connect() was done.

> Connecting to a range of ports and closing the connection is nothing
> like sending and email nor using a browser.

Being not like mail or web doesn't make something illegal.

> A web client connects and send a request (eg GET / ...)

Again: irrelevant, because this happens on a higher layer.

> > > *public* internet addressing does not mean *public access*
> >
> > Of course it does mean exactly that, unless authentication of some
> > sort is required.
>
> Wrong sorry. An airport lounge is generally considered public, but the
> airline who owns it still has the legal rights (as property owner -,
> inc leasing) to restrict access and control what you are allowed to
> do.

Once access to a place is restricted, that place obviously is no longer
public. And we were not talking about what I'm allowed to do when I get
there, but whether I'm allowed to get there.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------