Home page logo

basics logo Security Basics mailing list archives

Re: FW: Legal? Road Runner proactive scanning.[Scanned]
From: "Bryan S. Sampsel" <bsampsel () libertyactivist org>
Date: Thu, 11 Mar 2004 18:01:29 -0700 (MST)

On Thu, 11 Mar 2004, James P. Saveker wrote:

Date: Thu, 11 Mar 2004 22:08:27 -0000
From: James P. Saveker <james () wetgoat net>
To: security-basics () securityfocus com
Subject: FW: Legal?  Road Runner proactive scanning.[Scanned]

You consider a port scan to be an attack?

Why is a port scan an attack?  Do other people on this list agree with this?

Perhaps I am naive,

Yes, I consider a port scan to be an attack.  It is a probe to inspect my 
system, quite often a precursor to an actual attack if performed 

It is not unusual to look at a port scan in this fashion...

To be more explicit, sometimes a portscan can be an indicator of system 
problems elsewhere.  I once reported activity from one particular 
server...the owner replied that he wasn't running any sotware like that 
and after inspecting his box, found he had a rootkit installed.  The user 
of the rootkit was probing my system.

One offender found he had a virus-infected system out there...never had a 
problem after that.

I've correlated data between port-scans and failed attempts to exploit my 
ftp daemon.  Makes for some interesting stuff sometimes...

IMO, yes, a portscan is an attempted breach.


"Let your gun be your constant companion on your
walks...this gives exercise to the mind and independence 
to the mind...no free man shall ever be debarred the use 
of arms." 
                        --Thomas Jefferson

Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]