North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: "portscans" (was Re: Arbor Networks DoS defense product)
"Stephen J. Wilcox" <firstname.lastname@example.org> writes: > On 18 May 2002, Scott Gifford wrote: > > > > > Scott Francis <email@example.com> writes: > > > > [...] > > > > > And why, pray tell, would some unknown and unaffiliated person > > > be scanning my network to gather information or run recon if > > > they were not planning on attacking? I'm not saying that you're > > > not right, I'm just saying that so far I have heard no valid > > > non-attack reasons for portscans (other than those run by > > > network admins against their own networks). > > > > Before choosing an onling bank, I portscanned the networks of the > > banks I was considering. It was the only way I could find to get > > a rough assessment of their network security, which was important > > to me as a customer for obvious reasons. > > I would argue that this is not good practice and you dont have the > right to intrude on the workings of the banks network just because > you have the technology to do so.. if a telnet port was open would > you also check that you were unable to brute force your way in? That > is to say.. what exactly were you hoping to find and then do with > the results? I'm not arguing it's good practice. I'm giving it as an example of a reason why somebody might scan your network, even though they were not planning on attacking. ----ScottG.