Home page logo
/

basics logo Security Basics mailing list archives

Re: FW: Legal? Road Runner proactive scanning.[Scanned]
From: Derek Schaible <dschaible () cssiinc com>
Date: 17 Mar 2004 13:08:02 -0500

On Tue, 2004-03-16 at 14:01, Charles Otstot wrote:
Jef Feltman wrote:
I think you might have trouble convincing others that your actions do 
not pose a problem. Simply having a host on the Internet does not 
automatically mean that one has the right to see what might be 
*technically* available on that host as opposed as to what the host's 
owners intended to be available. To refer to your analogy, the shop 
owner does not (in general) have the responsibility to lock the door and 
provide those who need access with a key. Rather, outsiders have the 
responsibility (both moral and legal) to stay out unless invited in.

If a host is on the Internet, how are people supposed to know its there?
We accept allowing sites such as Google to come and index them for
search engines, if indeed they are running http. However, there are
many, many other services that can be provided and not all are
accessible through some means such as this.

When any host is put on the Internet and open you are inviting the
public to browse your machine in some manner. Port scanning is a means
to see what manners are available. One can only assume that if a service
is "technically" available, it was intended to be available. There are
many tools at our disposal to ensure that only our intended services are
being made available - such as Port Scanning.

This debate has been beaten to death. Accept the fact that mere port
scanning causes no harm anyway. If someone is being malicious in the
packets they are crafting to scan your host and causing harm you may
have a leg to stand on if you can supply the logs to support your
theory, perhaps you need a better firewall that can stop this behavior
(a simple iptables script can put a stop to that) or get better locks
:-)

-- 
Derek Schaible <dschaible () cssiinc com>
CSSI, Inc.

Attachment: signature.asc
Description: This is a digitally signed message part


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault