[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]
Re: [LIP] How to identify a Unix machine....]
- To: linux-india-general@xxxxxxxxxxxxxxxxxxxxx
- Subject: Re: [LIP] How to identify a Unix machine....]
- From: Amarendra GODBOLE <amarg@xxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 16 Dec 2000 12:25:00 +0530
- In-reply-to: <20001216172655.B2491440@ecr.mu.oz.au>; from rsubr@ecr.mu.oz.au on Sat, Dec 16, 2000 at 05:26:55PM +1100
- References: <20001216172655.B2491440@ecr.mu.oz.au>
- User-agent: Mutt/1.2.5i
On Sat, Dec 16, 2000, the greycells of Raja Subramanian expressed:
> Suresh Ramasubramanian wrote (mallet@xxxxxxx):
>
> > Raju Mathur rearranged electrons thusly:
> >
> > > Nah, don't bother with running nmap, you may get caught. Just use
> >
> > not all do. and nmap also lists open ports.
> >
>
> There seems to be a wave of posts recommending/suggesting port scanning
> someone else's machine to figure what it is running. None of the posters
> seemed to have indicated the dangers involved in port scans.
>
> Port scanning is unethical! Any concerned sysadmin will regard a port scan as
> a hacker/cracker trying to identify weakness' in the system (nomatter how
> innocent your intentions may be). Most machines may even add you to the
> hosts.deny list automagically if it detects a port scan.
See, if a sysadmin does not want his server to be vulnerable, it is his
responsibility to secure it. If he does not do that, something is bound to happen
some other day, and he is to be blamed for it.
Try running a portscan on yahoo, or microsoft servers, nearly ALL scans are
blocked.
>
> Worse still, if you are doing this on your employers machines, be ready to
> lose your job.
>
> In general there are several things that a computer system cannot prevent you
> from doing - eg. port scanning, packet sniffing, etc - and you might be able
> to do these things. This does not mean that you are allowed to do them. And
> the more you learn, the more things you can do... and more reasons to remember
> this simple rule.
If unethical things are not done, everyone is very straightforward, why the hell
would someone be concerned about security. Both, the crackers as well as the people
trying to prevent them are dependent on each other.
>
> I still have my doubts when someone wants to find out what OS an alien
> computer is running. Why would you want to know that??
The motive of a cracker is well known, and the motive of a !cracker might me any.
Say to check out if the server is properly secured or not, the vulnerabilities,
etc..
Portscanning is THE way to test your security policies properly. Afterall, you
should know HOW effective your firewall is.
If you browse thru any firewalling mail lists concerned with Linux, you will
find 'nmap'(http://www.insecure.org) listed as the BEST benchmarking tool.
The BOTTOMLINE is that, it is YOUR responsibility to secure your server, and
make it as secure as possible.
P.S. : Many of Indian sites are very vulnerable. Security policies are not proper.
I do not disclose their names here.
This mail is OT, and I am posting it to LIG. Followups there.
--
Amarendra GODBOLE (http://ag.dnsq.org)
Public Key: http://pubkey.dnsq.org
18.97 deg. N / 72.83 deg. E
+0530 GMT