[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: port-scanning. advise?

On Sat, Jan 13, 2001 at 11:50:48AM -0500, Noah L. Meyerhans wrote:
> This is a subject of debate in security circles.  Some believe that
> portscanning is an indication of malicious intent and should be treated
> as such.  

	Some people who fall into the above category would be those whose
systems are not up to the challenge of even being scanned, much less
hacked.  For example, when I was the Mac Lab admin at my University, I was
bored one day and decided to portscan one of the Macs in my lab to see how
secure it was.  I believe they were running an early version of MacOS 9 at the
time.  I used nmap with no flags except to scan _all_ ports (1-65535), and
after a short while it reported none open.  I then told it to scan all UDP
ports.  It took a very long time.  In fact, an hour later, nmap still wasn't
done.  I went and checked on the Mac: it was hard locked.  Just from a port
scan!  For those that care, I believe (and hope) that they fixed this in later
revisions of MacOS 9.  The moral of the story?  Be careful who you scan, they
may care, and be careful what OS you use for critical services.

Reply to: