RE: [dvd-discuss] e: portscanning
- To: dvd-discuss(at)cyber.law.harvard.edu
- Subject: RE: [dvd-discuss] e: portscanning
- From: Michael.A.Rolenz(at)aero.org
- Date: Tue, 23 Oct 2001 13:51:54 -0700
- Reply-To: dvd-discuss(at)cyber.law.harvard.edu
- Sender: owner-dvd-discuss(at)cyber.law.harvard.edu
>
>> law. BTW- Earthlink's policy is that using "ping" is a violation of the
>> service agreement.
>
>lol... and how are you supposed to check for basic connectivity in case of
>a problem?
I don't use ping, I use tracert! :-)
(and have on numerous occasions when I'm getting dozens of port scans in a
few minutes. The ones I love are when they come from the same computer
for successive port numbers...but technically I have never used ping on
Earthlink)
>
>Honestly, I use NMAP (and other scanners) all the time, it has a lot of
>purposes besides planning a break-in. It's good to know who your
>neighbors are.
>
>f.e.: If I see I have 35 other windows hosts on my subnet, I
>might think about hardening my windows machines a little more against
>abuse.
>
>mainly though, I use NMAP against only my own machines to make sure there
>aren't any surprises. Sometimes it is useful against machines I have
>permission to access, f.e. my university server, it helps to see whether a
>problem is on my end or not if I can see "oh I see the portmapper isn't
>running", etc.
>
>to me, offering internet service but saying:
>"oh yeah, outgoing access to ports 25, 13, and 46 is blocked, incoming
>access to ports 80 and 24 are blocked, and we don't support telnet or
>ping."
>
>is akin to saying:
>"ok your new phone lines are hooked up, and you can dial all local
>numbers, except for those in exchange 610 or 437, and people in exchange
>213 can't call you. We don't support FAX or caller ID, but they might
>work."
>
> -- noah silva
>
>
>>
In the "olden days" of the internet that's exactly what the situation was
like. A friend of mine was on BITNET and I was on the ARPANET (direct line
to USC's switch). BITNET would not support ping, finger or traceroute and
blocked them at CUNY. I'll agree that blocking finger, ping, traceroute is
pretty silly but other internet services are really up to the person
putting the machine on the net. If somebody wants to block telnet, ftp or
whatever internet service they choose they can and should. Services such
as telnet or ftp are a security risk (notice I used the word risk. If the
benefits don't outweigh the risk, don't allow them). Furthermore, the
computer exists for its owner's benefit, not others'. There is no reason why
somebody should expect to get free computing time on somebody else's
computer which causes the owner to spend more time getting their work or
fun done. Also, straightening out the mess that a remote user can make can
be rather tedious and time-consuming.