Security Incidents mailing list archives
Re: Scanning. Is it a consumer right?
From: hyghlander () MINDSPRING COM (Don Tansey)
Date: Wed, 3 May 2000 17:03:54 -0400
<Mr. Preston's original post not included to keep the size down - it is not intended to be a slight to the poster.> Mr. Preston raises an intersting point that I had not thought of. When all is said and done, a straight TCP/UDP portscan are packets coming your way. They can be passed or dropped, and a log of them kept to keep tabs on future nefarious activity. I'm sorry, but I just don't buy the argument that it's cost in bandwidth and processor requirements to the host are reasons to condemn it. (With the caveat that if the activity reaches the level of a DoS attack all bets are off.) Consumers are able to check into the solvency of publicly held companies and obtain credit reports from renters. They should have the opportunity to determine the security of a website with whom they conduct business. (Though I will stop short of calling it a 'right'.) As I said in my original post though, you better believe that I would keep an eye on the IP addresses from which the scan came, and if the activity were any more intrusive than a simple TCP connect scan, exhibited any "stealth" characteristics <i.e. "halfscans" like Jackal or NMAP), or appeared to come from several places at once ;-> I'd sure as heck track it closely/follow it up.
Current thread:
- Re: Scanning. Is it a consumer right? Don Tansey (May 03)