Network Security Security-Basics

Re: application for an employment

Subject: Re: application for an employment
Date: Fri, 31 Mar 2006 14:30:41 +0200
On 2006-03-31 Craig Wright wrote:
> The idea that you as a general Internet user have to scan a host to
> find services is technically wrong and ludicrous in its inception.
> Never has this been the case. The idea that having to connect to a
> service could be justification for port scanning is incredulous to
> state the least.

Please elaborate. Why do you believe this to be technically wrong? What
other mechanism than portscanning do you have at hand that will give you
an overview of which hosts run which services in a given network range?

> Most people who use the Internet in any of its means do not port scan
> systems.

Entirely beside the point.

> This is a simple reasonableness test. If you want to send mail - do
> you have to scan a site - the answer, No. When going to a web site do
> you have to check if they have an IPsec VPN to the host, the answer,
> No.

How do I find out about the mail server? How do I find out about the
webserver? How do I get permission to access them?

> The idea that completing a DNS request could be in ANY way equated to
> port scanning is ignorant and negligent as a suggestion given the
> knowledge of the person who stated it.

Wrong. The only technical differences between a portscanner and dig are:

- A portscan will report that a port is open/closed/filtered, whereas
  dig will retrieve data after the connect.
- A portscan may be run against a range of ports and/or a range of hosts
  (giving you an overview of the network), whereas dig will only connect
  to a single port on a single host.

> Google crawls sites. It goes from link to link. This is a valid use of
> a web spider. This is not port scanning. Google reads the robots.txt
> file and acts (unlike some search engines) in accordance with the
> site's policy (if they have one).

How can it do this without actually connecting to the webserver port?
And how does Google get started in the first place? How do I get
permission to access Google? How is Google different from me running my
own search engine?

> In response to: Bottom line: "If you don't want your property
> trespassed, don't put it into public places"
> Rights (for right or wrong) are rights.

True. But I seriously doubt that some rights claimed in this discussion
actually exist. That's what I'm objecting to.

[...]
> Ansgar stated: "The network is public and so is every service on it".
> Wrong. The idea that you can argue a secured VPN concentrator is public
> is foolish.

Of course the concentrator itself (i.e. its external interface) is
public. However, everything behind it isn't. That's why it has
authentication. The concentrator is a boundary separating private from
public.

> Nothing is ever 100% (NOTHING) Secure. Not ever, not possible, not
> achievable. The likelihood may be close to 0 of an attack - but it is
> NEVER going to be zero.

True. But again entirely beside the point.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
