Security Incidents mailing list archives
Re: Scanning. Is it dangerous?
From: roelof () SENSEPOST COM (Roelof Temmingh)
Date: Mon, 1 May 2000 11:34:31 +0200
I agree. I want to extend the discussion to the configuration of Intrusion Detection Systems. Should an IDS trigger on a portscan from outside? For me this does not make sense. As soon as you disregard 1 warning from an IDS you can just as well throw it out the window - and a small to medium Internet-connected company will receive between 2 and 10 scans a week. my 2c, Roelof ------------------------------------------------------ Roelof W Temmingh SensePost IT security roelof () sensepost com +27 83 448 6996 http://www.sensepost.com On Sat, 29 Apr 2000, Sarunas Krivickas wrote: +Hi folks, + +As I see, almost everyone there are worried about some kind of scanning for +own subnets, ports, etc. Do you think it is real danger to you system? So if +it is true, the scans as a dangerous actions has to be recognized in your +risk management and IT security policy. Does the simple scan of your system +has the right place in your policy and also is the trigger to initiate +actions and rise the alarm? Of course, we are able to recognize DoS or +something like that, but almost all incidents there are talking about +simple, usual and not dangerous actions. Yes, you have to think about this +kind of actions (I do not call it as attack) if your system is totally +unprotected. +Lets go to discuss a little bit about subject! +My question is how the recognized simple scanning is described in your IT +security policy and why scanning is so dangerous for you? + +Regards, +Sarunas +
Current thread:
- Scanning. Is it dangerous? Sarunas Krivickas (Apr 29)
- Re: Scanning. Is it dangerous? Sebastian (May 01)
- Re: Scanning. Is it dangerous? Roelof Temmingh (May 01)
- DNS Probes Damian Gerow (May 01)
- Re: Scanning. Is it dangerous? John D. Burkett (May 01)
- Re: Scanning. Is it dangerous? Rune Kristian Viken (May 07)
- Re: Scanning. Is it dangerous? Ryan Russell (May 01)
- Re: Scanning. Is it dangerous? jms (May 02)
- Re: Scanning. Is it dangerous? Jose Nazario (May 03)
- Scanning. Is it a consumer right? ethan preston (May 02)
- Re: Scanning. Is it dangerous? jms (May 02)
- Re: Scanning. Is it dangerous? Russell Fulton (May 01)
- <Possible follow-ups>
- Re: Scanning. Is it dangerous? -reply Joseph, Lorne (May 01)
- Re: Scanning. Is it dangerous? Don Tansey (May 01)
(Thread continues...)