RE: RE: portscanner

And I thought I had a hair trigger!

JJ, there are plenty of legitimate reasons to build a portscanner into an application. As an admin, I have four different KINDS of portscanners - and I've never been anything but a white-hat. I use portscans to validate my network security; to check that all the required services on a remote system are working (this has advantages over process-checking); to check for active trojans and NetBus-style programs; and, in one rare case, as an authentication tool. (I spent some time trying to create an ultra-secure system; one technique I liked was to create simple "bounce-back" servers that sat on three odd ports on the client system. If the client requesting access to the system had those three ports open, but no others, and the valid key, it was permitted access.)

Can a portscanner be used for cracking? Certainly. A crowbar can be used for a break-in, too. That doesn't mean I think everyone I see in the hardware store looking for a crowbar is a burglar.

The rest of your answer was good, and as it happens, I agree that SoPW isn't a place for total solutions - but it is a place for someone to ask questions. Which this person did. He (or she) even thanked the person who answered their question, and just in case they aren't around at the moment, I'll thank you for that list of resources. It's very good, and should be a mini-FAQ we can point other newbies to.

One more detail, just in case this particular portscanner is intended for ungood purposes;

Don't.

Portscanners have been around for a long time. If you use a portscanner that simple for illegitimate purposes against someone's network - say, mine - your source IP will be logged and I'll know it before the scan's complete. Which will make me take an interest in who you are, where you are, and which ISP you're soon to be formerly using. No threat, just a warning; there are stupid admins out there, no doubt about it, but these days even the stupid ones have better security than that.

- Ozymandias

Comment on RE: RE: portscanner

Replies are listed 'Best First'.
RE: RE: RE: portscanner by jjhorner (Hermit) on Jun 12, 2000 at 19:57 UTC
I agree with you. As a system admin I make use of dual-use tools all the time. I was just warning that there are moral implications to making something that can be used as a tool and a weapon. Look at fission: Very good and very bad. Look at guns: Very good and very bad. Look at hemp: very good, very bad, and sometimes very illegal. I was just giving a gentle reminder that there are questionable uses for things, but I didn't mean to imply that the only use for such tools was bad. Thanks for pointing out my somewhat misleading response. J. J. Horner Linux, Perl, Apache, Stronghold, Unix jhorner@knoxlug.org http://www.knoxlug.org/	[reply]

Replies are listed 'Best First'.

RE: RE: RE: portscanner
by jjhorner (Hermit) on Jun 12, 2000 at 19:57 UTC

I agree with you. As a system admin I make use of dual-use tools all the time. I was just warning that there are moral implications to making something that can be used as a tool and a weapon. Look at fission: Very good and very bad. Look at guns: Very good and very bad. Look at hemp: very good, very bad, and sometimes very illegal.

I was just giving a gentle reminder that there are questionable uses for things, but I didn't mean to imply that the only use for such tools was bad.

Thanks for pointing out my somewhat misleading response.

J. J. Horner
Linux, Perl, Apache, Stronghold, Unix
jhorner@knoxlug.org http://www.knoxlug.org/

[reply]