On Mon, 11 Dec 2017 19:46:55 +0100 "Kurt Jaeger" <li...@opsec.eu> said
Hi! > If you, as an administrator of a/your system(s), see no problem with > (port) scanners, and take no action to thwart such activity. You are > more than likely to encounter trouble(s) down the road. Right, portscanning is bad, if not done in a transparent way, so as sys-admin I have to reduce exposure. But it's a valid tool, nevertheless. > In short; I see them all as "black hats". Honestly. Can you *really* > determine good intentions from bad intentions on an incoming port scan? Yes. If it's done with full transparency, I don't mind scanning. With transparency, I mean: - reverse dns is set - scan from the same IP all the time
They don't. For the sake of argument, I'll name showdan; they use (off the top of my head) some 9 to 12 addresses. Addresses the move, also. :(
- some point of contact for the scan (a website, email etc) - if requested, the scanner delivers individual results to the scanned - if requested, one can be excluded from the scan - all the results are only used for 'above-the-waterline' work, like research or statistics - scanner is willing to be audited - [maybe some other rules...] In fact, I've even organised such a project doing that for TLS: https://github.com/TLS-Check/tls-check
I respectfully agree to disagree with you on this. Mostly on one point; I should be informed *prior* to the port scan/audit, not *after*.
I would not mind a registry at IANA for such transparent scan projects, so that all the other ones can be traced and stopped.
This, my friend, I agree with you on, wholeheartedly. :-) --Chris
-- p...@opsec.eu +49 171 3101372 3 years to go !
_______________________________________________ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"