[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sheflug] Re: Security : Port scanning
On Thu, 8 May 2003 12:14:39 +0100
Richard Ibbotson <richard [at] sheflug.co.uk> wrote:
> Martin
>
> > Spoofing an adress for port scanning isn't likely to be of much
> > use as you can't see the results coming back or am I missing
> > something?
>
>
> If I was a certain type of person - I think we call them black hats -
> then I could run a cloaked DNS and do something from there. The
> security services of a country or a commercial country might be able
> to track me down eventually but by that time I'll be somewhere else.
So in what way does a cloaded DNS enable you to see the results
of a spoofed port scan?
I'm not trying to imply that there are no security hazards but the
question of port scanning and spoofing is one thing that in many ways
should be possible to trace and in some ways fix. Either to a
exploited box, which needs to be fixed or to someone thats running a
port scanner who needs to be reminded of their service agreement.
I stand by my statment so far that there's no reason to port scan if you
can't see the results.
--
Regards,
M
Martin Sillence
PR Newswire
DL +44 (0)1865 78 5065
F +44 (0)1865 78 5100
W www.prnewswire.co.uk
---------------------------------------
"We tell your story to the world."
NEWS TARGETING * REGULATORY & GLOBAL NEWS DISTRIBUTION * MULTIMEDIA *
NEWS MONITORING
Any views or opinions are solely those of the author and do not
necessarily represent those of PR Newswire Europe. The e-mail contents
are intended only for addressee and may contain confidential and/or
privileged material. If you are not the intended recipient, please do
not read, copy, use or disclose this communication
___________________________________________________________________
Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html
GNU the choice of a complete generation.