On Mon, 2004-02-16 at 15:28, Paul Schmehl wrote: > --On Monday, February 16, 2004 1:49 PM -0800 "Gregory A. Gilliss" > <[EMAIL PROTECTED]> wrote: > > > You're kidding, right? Me thinks you *need* some hacker intel! > > So you think a simple nmap scan is sufficient to determine if a host is > insecure? Interesting. > > If you scanned my Windows XP boxes, you'd find a bunch of juicy ports open. > What you wouldn't find is a hackable daemon. All the open ports feed a > program that captures the packets for analysis later. The boxes are > running no Internet-addressable services. Yet, from an nmap scan you might > (wrongly) assume that those boxes were grossly insecure. > > This is the Internet. Things are not always what they seem. And open > ports don't always mean negligence.
on a host running a production website common sense would dictate that *any* non-essential services be turned off, if for no other reason then the fact that having multiple services running makes the host a prime target for attacks. i should think this is even more true when the host is running a website that has been advertised on a mailing list which attracts the specific element of computing society with a bent towards system compromise. while having a test box out there 'in the wild' accumulating data on currently-employed techniques for cracking hosts, methinks that functionality would be better suited to a separate host. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
