Re: Scan of TCP 552-554

On Fri, Aug 01, 2003 at 08:25:08AM -0400, Chris Shepherd wrote:
> Quoting Rodrigo Barbosa <rodrigob@suespammers.org>:

As long as I'm the one paying for my Internet uplink (and those are EXPENSIVE here in Brazil), I don't want any traffic on it that is not authorized. And a portscan is definitively samething I did not authorized.

> A policy of having a live person react to a port scan is a little farther than

Don't be so sure. IIRC, there was a bug on same platform that was only exploitable on "closed" ports.

> nor are portscans. The security risks come into play on the

Security risks are one thing. Costing me money is another. Security holes costs money, but portscans use my link. Even worms that are unable to infect my system costs money.

-- 
Rodrigo Barbosa 
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek