Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: application for an employment

From: "c.s.wright" <c.s.wright () unn ac uk>
Date: Tue, 4 Apr 2006 01:12:20 +0100
Using a web server is NOT a port scan - in any manner. 



A portscan makes a connect(), a web browser makes a connect(). Please

explain where exactly you see the difference. Especially on layer 4.

Generally a port scan does not consist of connection to a single port on a
single host. Sending a mail message is TCP 25. I connect. 1 Port. Using a
web browser is TCP 80 (or other in some instances) 1 port 1 connect.

Next a port scanner opens a port and does not complete the session. It opens
and completes the TCP handshake (full scan - half scans, SYN etc even less).
A mail client connects to the SMTP server and sends a message (eg EHLO...
HELO etc)

Connecting to a range of ports and closing the connection is nothing like
sending and email nor using a browser.

A web client connects and send a request (eg GET / ...)


*public* internet addressing does not mean *public access*



Of course it does mean exactly that, unless authentication of some sort is

required.

Wrong sorry. An airport lounge is generally considered public, but the
airline who owns it still has the legal rights (as property owner -, inc
leasing) to restrict access and control what you are allowed to do.

Craig S Wright

====
This e-mail is intended solely for the addressee. It may contain private and
confidential information. If you are not the intended addressee, please take
no action based on it nor show a copy to anyone. Please reply to this e-mail
to highlight the error. You should also be aware that all electronic mail
from, to, or within Northumbria University may be the subject of a request
under the Freedom of Information Act 2000 and related legislation, and
therefore may be required to be disclosed to third parties.
This e-mail and attachments have been scanned for viruses prior to leaving
Northumbria University. Northumbria University will not be liable for any
losses as a result of any viruses being passed on.


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: