Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Scanning. Is it dangerous?

From: jburkett () CLEVELAND DYNACS COM (John D. Burkett)
Date: Mon, 1 May 2000 12:00:45 -0400

There was never an alcoholic that didn't have his first drink.
There was never a host comprised that wasn't first discovered.

More in line below...

At 11:12 AM 4/29/00 , Sarunas Krivickas wrote:

Hi folks,

As I see, almost everyone there are worried about some kind of scanning for
own subnets, ports, etc. Do you think it is real danger to you system?


The "scanning" it self ? Well......if I didn't consider bandwidth, CPU time
and recon mapping of your network, I would only THEN answer no.


So if
it is true, the scans as a dangerous actions has to be recognized in your
risk management and IT security policy.


Tho I said "no" above (with qualifications), I would say yes here.


Does the simple scan of your system
has the right place in your policy and also is the trigger to initiate
actions and rise the alarm?


Absolutely.

<<SNIP>>


My question is how the recognized simple scanning is described in your IT
security policy and why scanning is so dangerous for you?


What useful purpose does a "user" have for scanning for random ( or
specific ) hosts, or random ( or specific ) ports on your LAN or someone
elses network ??


Regards,
Sarunas


-John
Previous By Date Next
Previous By Thread Next

Current thread: