To use your analogy of rattling a doorknob, assume that the OP were
applying for a security guard position. Now assume that on his way to
drop off his application, he rattled a couple of doorknobs and found that
a few of the ones marked "keep locked at all times" were unlocked. Do you
think the University would want to know about it? My suggestion would be
that you let the University know about it after they have made their
hiring decision. If you get the job, this would be an acceptible use of
your time to scan for open ports. If you don't get the job, you can just
send an email to the netadmin or whomever you might be in contact with
there.
-----
Beau Woods
Information Security Analyst
DeKalb Medical Center
(404)501-3825
beau_woods@dkmc.org
"Craddock, Larry" <l_craddock@wfec.com>
03/24/2006 02:59 PM
To
<security-basics@securityfocus.com>
cc
Subject
RE: application for an employment
Seems to me port scanning is neither picking a lock or seeing a door
hanging
wide open but more like rattling a door to see if it is unlocked. I don't
know about you, but if someone comes by my house and rattles the door to
check whether or not it's locked I'm going to assume he has bad intentions
whether he does or not and he'll need to be prepared for my response.
-----Original Message-----
From: L G [mailto:nitziya74@hotmail.com]
Sent: Wednesday, March 22, 2006 6:23 PM
To: security-basics@securityfocus.com
Subject: Re: application for an employment
This is a good thread which begs further discussion.
I guess the crudest part of my question is, was Mathias picking a lock, or
did he see a door hanging wide open?
And at what point is someone going through an open door versus looking in
a
window versus admiring someone's architecture from the street?
lg
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
CONFIDENTIALITY NOTICE: This e-mail, including attachments, is for the sole use
of the individual(s) to whom it is addressed, and may contain confidential and
privileged information, including HIPAA protected PHI. Any unauthorized review,
use, disclosure, distribution, or reproduction is prohibited. If you have
received this e-mail in error, please notify the sender by reply e-mail and
destroy this message and its attachments in its entirety.
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
