
RE: [dvd-discuss] e: portscanning



>
>> law. BTW- Earthlink's policy is that using "ping" is a violation of the 
>> service agreement.
>
>lol... and how are you supposed to check for basic connectivity in case of
>a problem?

I don't use ping, I use tracert! :-)

(and have on numerous occasions when I'm getting dozens of port scans in a 
few minutes. The ones I love are when they come from the same computer 
for successive port numbers...but technically I have never used ping on 
earthlink)

>
>Honestly, I use NMAP (and other scanners) all the time, it has a lot of
>purposes besides planning a break-in.  It's good to know who your
>neighbors are. 

>
>f.e.: If I see I have 35 other windows hosts on my subnet, I
>might think about hardening my windows machines a little more against
>abuse.
>
>mainly though, I use NMAP against only my own machines to make sure there
>aren't any surprises.  Sometimes it is useful against machines I have
>permission to access, f.e. my university server, it helps to see whether a
>problem is on my end or not if I can see "oh I see the portmapper isn't
>running", etc.
>
>to me, offering internet service but saying:
>"oh yeah, outgoing access to ports 25, 13, and 46 is blocked, incoming
>access to ports 80 and 24 are blocked, and we don't support telnet or
>ping."
>
>is akin to saying:
>"ok your new phone lines are hooked up, and you can dial all local
>numbers, except for those in exchange 610 or 437, and people in exchange
>213 can't call you.  We don't support FAX or caller ID, but they might
>work."
>
>  -- noah silva
>
>
>>

In the "olden days" of the internet that's exactly what the situation was 
like. A friend of mine was on BITNET and I was on the arpanet (direct line 
to USCs switch). BITNET would not support ping, finger or traceroute and 
blocked them at CUNY. I'll agree that blocking finger, ping, traceroute is 
pretty silly but other internet services are really up to the person 
putting the machine on the net.  If somebody wants to block telnet, ftp or 
whatever internet service they choose they can and should. Services such 
as telnet or ftp are a security risk (notice I used the word risk. If the 
benefits don't outweigh the risk don't allow them). Furthermore, the 
computer exists for its owner's benefit not others. There is no reason why 
somebody should expect to get free computing time on somebody else's 
computer which causes the owner to spend more time getting their work or 
fun done. Also, straightening out the mess that a remote user can make can 
be rather tedious and time-consuming.