[47943] in North American Network Operators' Group
Re: "portscans" (was Re: Arbor Networks DoS defense product)
daemon@ATHENA.MIT.EDU (Scott Francis)
Sat May 18 23:10:11 2002
Date: Sat, 18 May 2002 20:07:22 -0700
From: Scott Francis <darkuncle@darkuncle.net>
To: Ralph Doncaster <ralph@istop.com>
Cc: nanog@merit.edu
Message-ID: <20020519030722.GB69382@darkuncle.net>
Mail-Followup-To: Scott Francis <darkuncle@darkuncle.net>,
Ralph Doncaster <ralph@istop.com>, nanog@merit.edu
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-ripemd160;
protocol="application/pgp-signature"; boundary="ADZbWkCsHQ7r3kzd"
Content-Disposition: inline
In-Reply-To: <Pine.LNX.4.21.0205181913520.13686-100000@cpu1693.adsl.bellglobal.com>
Errors-To: owner-nanog-outgoing@merit.edu
--ADZbWkCsHQ7r3kzd
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sat, May 18, 2002 at 07:17:43PM -0400, ralph@istop.com said:
[snip]
> > network to gather information or run recon if they were not planning on
> > attacking? I'm not saying that you're not right, I'm just saying that s=
o far
> > I have heard no valid non-attack reasons for portscans (other than thos=
e run
> > by network admins against their own networks).
>=20
> I often like to know if a particular web server is running Unix or
> Winblows. A port scanner is a useful tool in making that determination.
a full-blown portscan is not required here. A simple telnet to port 80 will
do the job.
> <sarcasm>
> And why, pray tell, would some stranger be carrying a concealed gun if
> they were not planning on shooting someone?
> </sarcasm>
Show me how to defend myself from attack by portscanning the networks of
random strangers, and I will concede the point. :)
--=20
Scott Francis darkuncle@ [home:] d a r k u n c l e . n e t
Systems/Network Manager sfrancis@ [work:] t o n o s . c o m
GPG public key 0xCB33CCA7 illum oportet crescere me autem minui
--ADZbWkCsHQ7r3kzd
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org
iQIXAwUBPOcW6YgCD7rLM8ynFAOZGAf/dywI0PeWGhgEc0mqNI8UjZ4iJ9z9kIiT
7NJ63ivAeBbGbl8JMj3AiSN5Tq7+KwNmV/C01SD1oKnuWI4AlW9+bvu2uh9JC2Sv
0eiD0vTy4KoEXLXAr8Mev2e8cIqvfA+uqkzWVN91vnNHP/6jxHVSKwtsxtxdkmsx
igucBNIUAGusHqzQcXECELvHi4c3ZBJCSqAOEWvD9UMUpwaSSX4DNJpxsb0BRost
o5yhqKQB4GWNVobee754q6UtHr3ig0ymOORkQBty0vQc5ylrf39bECDTZLvoV+AK
tJ0mh22ZXnPF61TuwFM6P708bqpw5zE7aVC5kTB4ARM400aog8dVBwf8DKu7V/RW
fd5QH53QycW1j2m78hwEP68oyHoCkPnOssC14RI8ibrHMrs7cTZyMnO3Ldseg7yK
b5O4W2KwZ8b73PNrMwnHChfUH79vilSiAylHmi5BXJnLZDWS0pMPFDbo3B+3G4HM
ZIIOvTezdBOBoIapgPh+6fT0fp/5ljgQZqzo6gaLGNevmtalED629gomJ96OLFun
zeGzgGi3i1NHpNMRSWGHdnFAvnmUx2JuDlyUXLybgbWZQZ8TSLVSS/yfcdrtMUWh
BWyEatKhqEE6oFW7VUKjjh83dWdyqacBAytpbj2QfILvXZsPFOmaVA3CpIm619UD
yKOspquPFbKfyg==
=IUF4
-----END PGP SIGNATURE-----
--ADZbWkCsHQ7r3kzd--
