
| Subject: | Re: Scanning--more then one side to the argument |
|---|---|
| Date: | Wed, 30 Mar 2005 15:33:01 -0500 |
External scans.
Against customer using our internet service.
Thoughts?
Shand
I have a question regarding this. Are you talking about doing an external scan or an internal scan? I assume an external, because an internal scan should show a LOT of open ports.
I would say that any open port POTENTIALLY could be a security issue waiting
to happen, but common sense dictates that some ports must be open for
usability reasons. Plus, if you're going to follow this line of thought,
the fact that the systems are connected to the Internet AT ALL poses a
potential risk. Or, just being networked could be a risk. Or, being
powered on poses a potential risk.
So, based on this, sure it COULD be a security risk waiting to happen, but
more information needs to be gathered to determine the true extent of the
risk. And, it must be reevaluated at regular intervals to catch new issues
that might have come up since the last scan. What is safe now might not be
6 months from now.
Hope this helps.
Steve Fletcher MCSE (NT4/Win2k), MCSE: Security (Win2k), HP Master ASE, CCNA, Security+ safletcher@insightbb.com
-----Original Message-----
From: Sherman Hand [mailto:shand@adelphia.net]
Sent: Wednesday, March 30, 2005 5:05 PM
To: security-basics@securityfocus.com
Subject: Scanning--more then one side to the argument
There has been an ongoing discussion about the scanning results on our customers.
Thought one says that "any" port on a standard nmap, showing as "open" is a
security risk.
Thought two says, no since some things need to show in a state of open.
Should we be stating that through proactive scan, when we find any port showing as open, that it is a security issue waiting to happen?
Or only if we can show an issue?
Thoughts?
Shand
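
The distinction debated in this thread (ports open for a documented reason versus ports that need a closer look, re-checked at every scan) can be expressed as a triage over scan results. This is an added example, not part of the original messages; it assumes nmap grepable (`-oG`) output, and the scan data, addresses and the `EXPECTED` baseline are constructed for illustration.

```python
import re

# Constructed sample scans in nmap grepable (-oG) format, using documentation addresses.
PREVIOUS_SCAN = """\
Host: 192.0.2.10 ()\tPorts: 25/open/tcp//smtp///, 80/open/tcp//http///
Host: 192.0.2.20 ()\tPorts: 443/open/tcp//https///
"""
CURRENT_SCAN = """\
Host: 192.0.2.10 ()\tPorts: 25/open/tcp//smtp///, 80/open/tcp//http///, 3389/open/tcp//ms-wbt-server///
Host: 192.0.2.20 ()\tPorts: 443/open/tcp//https///, 23/filtered/tcp//telnet///
"""
# Hypothetical per-customer baseline: ports expected to be open for usability reasons.
EXPECTED = {"192.0.2.10": {(25, "tcp"), (80, "tcp")}, "192.0.2.20": {(443, "tcp"), (22, "tcp")}}


def parse_open_ports(grepable):
    """Return {host: {(port, proto), ...}} for ports reported in state 'open'."""
    result = {}
    for line in grepable.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue
        ports = result.setdefault(m.group(1), set())
        for entry in m.group(2).split(","):
            fields = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(fields) >= 3 and fields[1] == "open":
                ports.add((int(fields[0]), fields[2]))
    return result


def triage(previous, current, expected):
    """Classify each host's open ports instead of flagging every one of them."""
    prev, cur = parse_open_ports(previous), parse_open_ports(current)
    report = {}
    for host, open_now in cur.items():
        base = expected.get(host, set())
        report[host] = {
            "expected": sorted(open_now & base),
            "review": sorted(open_now - base),  # open with no documented reason
            "new_since_last_scan": sorted(open_now - prev.get(host, set())),
            "expected_but_closed": sorted(base - open_now),  # baseline may be stale
        }
    return report


if __name__ == "__main__":
    for host, findings in triage(PREVIOUS_SCAN, CURRENT_SCAN, EXPECTED).items():
        print(host, findings)
```

Only the `review` and `new_since_last_scan` entries call for gathering more information; the baseline itself needs revisiting on the same schedule as the scans.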