Security Incidents mailing list archives
Re: Scanning. Is it dangerous? -reply
From: ljoseph () RICHMOND EDU (Joseph, Lorne)
Date: Mon, 1 May 2000 10:49:43 -0400
IMHO, I believe the major problem with receiving scans from outside of your network in not knowing what the person performing the scan has encountered. One suggestion is to periodically, how often?, perform that same kind of scans from outside of your network to get a Birdseye view of what the person performing the scan sees. Once you have the results of the scans you can patch or secure the vulnerabilities accordingly. If you just let them scan then you won't know when or where they found something. The real question then becomes, do you scan after each scan received? Probably not, you have to determine the amount of resources to at least consistently follow behind these script kiddies and make sure you didn't miss something that you'll regret later. Does anyone agree with me or am I being the extremist? Lorne Joseph Security Specialist University of Richmond 804-289-8655 -----Original Message----- From: Sarunas Krivickas [mailto:KrivickasS () PASTAS KAM LT] Sent: Saturday, April 29, 2000 11:13 AM To: INCIDENTS () SECURITYFOCUS COM Subject: Scanning. Is it dangerous? Hi folks, As I see, almost everyone there are worried about some kind of scanning for own subnets, ports, etc. Do you think it is real danger to you system? So if it is true, the scans as a dangerous actions has to be recognized in your risk management and IT security policy. Does the simple scan of your system has the right place in your policy and also is the trigger to initiate actions and rise the alarm? Of course, we are able to recognize DoS or something like that, but almost all incidents there are talking about simple, usual and not dangerous actions. Yes, you have to think about this kind of actions (I do not call it as attack) if your system is totally unprotected. Lets go to discuss a little bit about subject! My question is how the recognized simple scanning is described in your IT security policy and why scanning is so dangerous for you? Regards, Sarunas
Current thread:
- Re: Scanning. Is it dangerous?, (continued)
- Re: Scanning. Is it dangerous? Sebastian (May 01)
- Re: Scanning. Is it dangerous? Roelof Temmingh (May 01)
- DNS Probes Damian Gerow (May 01)
- Re: Scanning. Is it dangerous? John D. Burkett (May 01)
- Re: Scanning. Is it dangerous? Rune Kristian Viken (May 07)
- Re: Scanning. Is it dangerous? Ryan Russell (May 01)
- Re: Scanning. Is it dangerous? jms (May 02)
- Re: Scanning. Is it dangerous? Jose Nazario (May 03)
- Scanning. Is it a consumer right? ethan preston (May 02)
- Re: Scanning. Is it dangerous? jms (May 02)
- Re: Scanning. Is it dangerous? Russell Fulton (May 01)
- Re: Scanning. Is it dangerous? -reply Joseph, Lorne (May 01)
- Re: Scanning. Is it dangerous? Don Tansey (May 01)
- Re: Scanning. Is it dangerous? Igor Gashinsky (May 02)