Security Basics mailing list archives

RE: application for an employment

From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 30 Mar 2006 09:52:06 -0800

The legitimate reason you have is the simple fact that you 
don't have any other option of determining what services are 
available on a given host or range of hosts.


  Yes you do.

  Suppose you want to send me an email.  By your argument, your
only option is to scan our whole address block(s!) looking for
machines that will answer on port 25.
  Bzzzt!  WRONG!  Do a DNS lookup for the MX records for our
domain.

  Suppose you want to register online to take courses here.  By
your argument, your only option is to scan our address space for
hosts that answer on ports 80 and 443.
  Bzzzt!  WRONG!  Point your browser at the college homepage (you
could Google for it) and follow the links to "Registration".

  Suppose you want to compromise one of our hosts to set up a 
warez server.  By your argument, your only option is to scan our
address space looking for a host running a service for which you
have an exploit available.
  Uh, wait.  You just lost the qualifier "legitimate".

  If I want you to be able to use a service X on host Y, I will
find some way to advertise that service.  If I don't advertise the
service, it may be something that I don't even know is there --
perhaps installed silently by the OS or some legitimate application,
or perhaps by some cracker.  In neither case is there a presumption
that I'm inviting you to use it, if only you can find it.

David Gillett



---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

RE: application for an employment, (continued)
- RE: application for an employment Craig Wright (Mar 28)
- RE: application for an employment Craig Wright (Mar 28)
  - Re: application for an employment Cesc (Mar 29)
- RE: application for an employment Craig Wright (Mar 29)
  - RE: Spam:RE: application for an employment Mark Gorman (Mar 29)
    - Re: Spam:RE: application for an employment Ian Scott (Mar 30)
- RE: application for an employment Craig Wright (Mar 29)
  - RE: application for an employment Murad Talukdar (Mar 29)
- RE: application for an employment Craddock, Larry (Mar 29)
  - Re: application for an employment Ansgar -59cobalt- Wiechers (Mar 30)
    - RE: application for an employment David Gillett (Mar 30)
    - Re: application for an employment Ansgar -59cobalt- Wiechers (Mar 30)
    - RE: application for an employment David Gillett (Mar 31)
    - Re: application for an employment Ansgar -59cobalt- Wiechers (Mar 31)
- RE: application for an employment Craddock, Larry (Mar 30)
  - Re: application for an employment Ansgar -59cobalt- Wiechers (Mar 31)
- RE: application for an employment Mike Fetherston (Mar 30)
- RE: application for an employment Craig Wright (Mar 31)
  - Re: application for an employment Ansgar -59cobalt- Wiechers (Mar 31)
- RE: application for an employment Craig Wright (Mar 31)