[Courses] [Security] Nmap -- looking from the outside in
Raven, corporate courtesan
raven at oneeyedcrow.net
Mon Mar 11 16:51:51 EST 2002
Heya --
Quoth coldfire (Mon, Mar 11, 2002 at 02:37:55PM -0500):
> just a tid bit ... nmap shouldn't provide an absolute feeling of security
> as it won't always uncover any/all open ports. a well setup firewall would
> prevent services from being discovered even if they're offered.
Right. I was hoping for the nmap discussion and the firewall
discussion to go hand in hand -- as we come up with more complex
firewalls, we'll show other sorts of nmap scans that are often used to
get around them, and then firewalls that block that... and so on.
> i do remember when i discovered namp. i wanted to go out and portscan
> everything :) but like raven said, any webmasters with a clue will
> percieve this as a potential attack and could inform the authorities.
> with some of the legislation that's getting pushed through congress,
> portscanning may very well be a terrorist act here shortly.
Exactly. The other reason for the big disclaimer -- I live in
the US, and with our new anti-terrorism laws, "hacking", possibly
including portscanning, is really illegal and carries a heavy sentence
now. So does teaching people to "hack". Hence the big emphasis on
"only test this out on systems that you administer and own".
I should explain some of the terminology I've been using, too,
in case y'all haven't seen it before. There's a lot of confusion
between "hackers" and "crackers" and "h@><0rs" and "black hats" and
such.
"Hacker" originally meant a programmer, or someone interested in
the limits and makeup of systems.
http://www.tuxedo.org/~esr/jargon/html/entry/hacker.html
It got co-opted by the press to mean "bad illegal breaker of
systems". It still retains both meanings. Call a geek a hacker, and
they could be complimented, offended, or anywhere in between. But most
people on the street think of the popular "bad geek" meaning.
I use "black hat" preferentially, because it makes a distinction
between the good hackers and the malicious hackers. A white hat hacker,
white-hat for short, is one that shares the interests in programming
and/or testing the limits of systems, but purely for the joy on
knowledge and making those systems better, patching holes, fixing bugs,
etc. A black hat is someone who uses the same knowledge and interests
for their own gain at the expense of others. (There are grey hats, too,
who do both.) If you go to DefCon, Rubi-Con, Black Hat, or SANS (all
security conventions), you'll occasionally see people literally walking
around wearing appropriately colored hats. It's a way of declaring your
affiliation.
> and also as raven suggested, anyone particularly interested in network
> security should read the docs .. though extensive, they're very
> informative :)
Yep. More so if you understand the difference between TCP and
UDP, and where the packets go with any given connection. Is this
something we should go over? I'm thinking we probably should.
Cheers,
Raven
"Sed, sed, awk. Like duck, duck, goose. Sync, sync, halt. It's the
order of nature."
-- me, after too long a day at work
More information about the Courses
mailing list