Home page logo
/

basics logo Security Basics mailing list archives

RE: FW: Legal? Road Runner proactive scanning.[Scanned]
From: "Shawn Jackson" <sjackson () horizonusa com>
Date: Thu, 18 Mar 2004 08:58:08 -0800

I'll agree that the hotel analogy is flawed, because the effort
required by the hotel 
operator to answer such questions is proportionally much larger than
the effort required 
of a host and associated network equipment to process a bunch of
niladic 
connection requests.

I've done aggressive portscans on all kinds of different hosts and would
be very surprised
to see even a low-end box register a meaningful difference in a uptime
printout.

But this is a "fundamental" flaw ONLY if you assert that the effort in
the network 
case is ZERO -- and it's not.  The threshold at which it becomes a
denial of service 
is much higher, thankfully, but even without reaching that threshold
it's an abuse of 
the host owner's bandwidth and CPU resources for connections which the 
scanner never intends to actually use.

The flaw is more 'fundamental' then just a incorrect assertion of
resource use. First lets
get out what a port is. A port is a communications channel for which the
operating system
uses to translate network traffic to a process or thread running within
the operating system.
The port itself is not the process or thread and does not respond or
process requests, it is 
merely the visible edge of the translation system. Now, that said that
'process' is extremely 
quick, yes even in Windows :-), and doesn't cost that much in the way of
CPU load, memory usage,
etc. Additionally, portscan packets are extremely small, basically just
a quick SYN->ACK sequence
so even a aggressive portscan won't use that much network bandwidth.

(Actually, this illustrates an aspect which the "rattling doorknobs and
windows" analogy 
completely fails to capture.) Portscans have costs and, in some cases,
consequences.  
These are usually quite minor, but that's a matter of degree rather
than of ethical principle.

Portscans do have costs, but a portscan is un-intrusive by nature. It
doesn't care what a service
is, or how it works. All it cares about is the port open. You can't
compare a portscan to doors
or windows because they functions are fundamentally different, A
portscan would be more like 
saying, is there a door there, not actually using it. Ethics should play
a major role in how 
you use any hacking tool, IMHO.

Shawn Jackson
Systems Administrator
Horizon USA
1190 Trademark Dr #107
Reno NV 89521

www.horizonusa.com
Email: sjackson () horizonusa com
Phone: (775) 858-2338
       (800) 325-1199 x338

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]