Re: application for an employment

[Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>]

On 2006-04-03 David Gillett wrote:
> > > Using a web server is NOT a port scan - in any manner. 
> >
> > A portscan makes a connect(), a web browser makes a connect(). Please
> > explain where exactly you see the difference. Especially on layer 4.
>
>   A port *scan* involves multiple connect() calls (which may or may
> not succeed), to multiple ports and/or multiple addresses.

May involve (though it usually does).

> The connections thus established are not actually used to render the
> service for which the port(s) accept connections.

So what? Why does that make the connect() evil? And I'm NOT talking
about DoS'ing a host here.

>   Distinguishing between a web client access and a port scan isn't so
> hard.  Why must you pretend they're indistinguishable?

You can distinguish between them on layer 4? Please elaborate.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------