[Full-Disclosure] New Security News Website
g0d at mrplaydoh.org
Tue Feb 17 02:21:56 GMT 2004
On Mon, 2004-02-16 at 15:28, Paul Schmehl wrote:
> --On Monday, February 16, 2004 1:49 PM -0800 "Gregory A. Gilliss"
> <ggilliss at netpublishing.com> wrote:
> > You're kidding, right? Me thinks you *need* some hacker intel!
> So you think a simple nmap scan is sufficient to determine if a host is
> insecure? Interesting.
> If you scanned my Windows XP boxes, you'd find a bunch of juicy ports open.
> What you wouldn't find is a hackable daemon. All the open ports feed a
> program that captures the packets for analysis later. The boxes are
> running no Internet-addressable services. Yet, from an nmap scan you might
> (wrongly) assume that those boxes were grossly insecure.
> This is the Internet. Things are not always what they seem. And open
> ports don't always mean negligence.
on a host running a production website common sense would dictate that
*any* non-essential services be turned off, if for no other reason then
the fact that having multiple services running makes the host a prime
target for attacks. i should think this is even more true when the host
is running a website that has been advertised on a mailing list which
attracts the specific element of computing society with a bent towards
system compromise. while having a test box out there 'in the wild'
accumulating data on currently-employed techniques for cracking hosts,
methinks that functionality would be better suited to a separate host.
Full-Disclosure is hosted and sponsored by Secunia.