On 2006-04-01 Craig Wright wrote:
> If you port scan to find everything, how long does it take you to find
> anything?
We were discussing whether I'm allowed to do that. It doesn't matter to
this discussion how long it takes me or if I personally do it at all.
> Let's take the example of seeing if there are other ports open. How do
> you think that scanning will find public valid services?
An open port is a public service, unless the service requires
authentication of some sort.
> Or are you stating that you are looking for other services that are
> NOT public - such as SSH or Telnet which are not secured?
Nice rhetoric. But wrong.
> Are you looking for SMTP servers so that you can check if they have an
> open relay? Are you looking for FTP servers that are not locked down
> so that you can load files without permission?
Again you wrongly assume I would need permission beforehand. I don't.
Just like I can walk through the mall and look at what shops are there, I
can look at a host and see what services it provides. I can even enter
the shops and look around, as long as there's no sign telling me to "go
away".
> Looking for port 80 will not always find a web site (nor will it help
> find information). A single IP address can have numerous sites that
> are accessed using host headers - so knowing the IP may not allow
> access to the site per se.
We're talking about layer 4 here.
> Please explain what you are looking for - what VALID reason you have
> to scan for open ports.
No, Craig. Please explain, what VALID reason I have not to.
I said it before, and I'm going to repeat it: the Internet is a public
network, and so all hosts on it and all services provided in it are
public, too. I have no reason whatsoever to assume that a service is
provided unintentionally.
And PLEASE get your quoting fixed, because it sucks. Big time.
Regards
Ansgar Wiechers
--
"The computer is there to compute, not to write excuses like 'Cannot
divide by zero' on the screen."
--Marco Haschka in de.org.ccc
Received on Apr 03 2006