Home page logo
/

basics logo Security Basics mailing list archives

RE: application for an employment
From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 30 Mar 2006 09:52:06 -0800

The legitimate reason you have is the simple fact that you 
don't have any other option of determining what services are 
available on a given host or range of hosts. 

  Yes you do.

  Suppose you want to send me an email.  By your argument, your
only option is to scan our whole address block(s!) looking for
machines that will answer on port 25.
  Bzzzt!  WRONG!  Do a DNS lookup for the MX records for our
domain.

  Suppose you want to register online to take courses here.  By
your argument, your only option is to scan our address space for
hosts that answer on ports 80 and 443.
  Bzzzt!  WRONG!  Point your browser at the college homepage (you
could Google for it) and follow the links to "Registration".

  Suppose you want to compromise one of our hosts to set up a 
warez server.  By your argument, your only option is to scan our
address space looking for a host running a service for which you
have an exploit available.
  Uh, wait.  You just lost the qualifier "legitimate".

  If I want you to be able to use a service X on host Y, I will
find some way to advertise that service.  If I don't advertise the
service, it may be something that I don't even know is there --
perhaps installed silently by the OS or some legitimate application,
or perhaps by some cracker.  In neither case is there a presumption
that I'm inviting you to use it, if only you can find it.

David Gillett



---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault