On 1 Mar 2003, Michael Lamoureux wrote:
andy> If so, why outlaw the act of probing? Why not outlaw "probing andy> for the purposes of..."?
What's the offset into the probe packets to the "intent of the this probe" field? And would you trust it if there were one anyway?
People speed, drive drunk, and run over pedestrians. Should we outlaw cars? Maybe just in California? :)
What's a legit probe? One where the owner gave you permission in advance to run the scan? I can't think of another definition of that phrase.
When you walk into the secure part of an airport or some schools in rough neighborhoods, you're scanned for metallic objects. When you exchange traffic with certain networks, they may also want to check you out to see what risk may be associated with accepting your data in the future. If your system is an open relay/proxy, then there's elevated risk that at some point (if not already), the data coming from your system will be SPAM. Some networks will choose not to accept your data or to tag it in order to prevent their customers from having to accept unwanted data.
This is a completely naive statement. There are 0 networks that I'm willing to believe have 0 vulnerabilities on them. There may be 0 that you know about, but that doesn't mean there aren't more vulnerabilities which aren't public knowledge lurking in sendmail or bind or ssh or ssl or apache or any number of other services you have running.
So if nobody probes your network, it's more secure? ---------------------------------------------------------------------- Jon Lewis *jlewis@lewis.org*| I route System Administrator | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________