
Re: Re: [LIP] How to identify a Unix machine....



Amarendra GODBOLE rearranged electrons thusly:

> Try running a portscan on yahoo, or microsoft servers, nearly ALL scans are
> blocked. 
 
 don't try it - or you'll get your ip space blocked / complaints sent to your
 ISP - especially not yahoo, after those DDoS attacks they faced recently
 
> If unethical things are not done, everyone is very straightforward, why the
> hell would someone be concerned about security. Both, the crackers as well as
> the people trying to prevent them are dependent on each other.
 
 If you want to run saint, nmap and such, feel free to run them on your own
 network!  I periodically do this to find out open ports on the servers we
 control, and disable the open ports / set ipchains rules to restrict access
 only to certain IPs
 
> Say to check out if the server is properly secured or not, the
> vulnerabilities,  etc..

if it is not your server, and that remote server has not been probing /
spamming your box, do you have any reason to poke at it? ;)

> Portscanning is THE way to test your security policies properly. After all, you
> should know HOW effective your firewall is.

test _your_ network, obviously

> The BOTTOMLINE is that, it is YOUR responsibility to secure your server, and 
> make it as secure as possible.
 
 correct
 
> P.S. : Many of Indian sites are very vulnerable. Security policies are not
> proper.  I do not disclose their names here. 
 
 at least one of them got hacked yesterday ... and there are lots more (even
 ISPs).
 
-- 
Suresh Ramasubramanian + mallet<@>efn.org
  You spamma my mailbox, I nukea da ass