It's an issue with shared hosting where users have shell access but no root access.
2015-11-24 17:49 GMT+01:00 Eliot Lear <[email protected]>: > Yes, thanks, Yoav. Apologies to Randy and Kathleen for my terseness. > > Eliot > > > On 11/24/15 5:46 PM, Yoav Nir wrote: > > I think Eliot meant RFC 5785 /.well-known/ locations, rather than well > known ports > > > > Yoav > > > >> On 24 Nov 2015, at 6:37 PM, Kathleen Moriarty < > [email protected]> wrote: > >> > >> I agree with Eliot, I don't think a scan is needed to make a decision > >> here. Having managed several networks that would not have allowed you > >> access from some random scanner, I don't think you'll get all the data > >> you are looking for. In a well managed network, the IDS/IPS should > >> detect that it is a scan and block all future probes once you hit a > >> small number of ports/IPs. So you may get a small sample with > >> everything else failing within an address block. Granted, not all > >> networks are managed well and you may get a good amount of data. > >> > >> If this connection was expected to a few servers, then a network > >> manager might just allow those only on the assigned port. > >> > >> Without any hat on, I agree that a port + 443 as an alternate is a good > plan. > >> > >> Kathleen > >> > >> On Tue, Nov 24, 2015 at 8:11 AM, Randy Bush <[email protected]> wrote: > >>>> Isn't this precisely what .well-known was meant to address? > >>> fun small research project. what percentage of well-known ports can > >>> you connect to from the outside to a machine inside cisco? hell, to > >>> what percentage of well-known ports outside cisco can you reach from > >>> inside? > >>> > >>> well-known does not correlate well with open to access by IT security > >>> departments. > >>> > >>> randy > >>> > >>> _______________________________________________ > >>> Acme mailing list > >>> [email protected] > >>> https://www.ietf.org/mailman/listinfo/acme > >> > >> > >> -- > >> > >> Best regards, > >> Kathleen > >> > >> _______________________________________________ > >> Acme mailing list > >> [email protected] > >> https://www.ietf.org/mailman/listinfo/acme > > > > > > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme > >
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
