RE: "portscans" (was Re: Arbor Networks DoS defense product)

[James]

> > > Before choosing an onling bank, I portscanned the networks of the 
> > > banks I was considering.  It was the only way I could 
> find to get a 
> > > rough assessment of their network security, which was 
> important to 
> > > me as a customer for obvious reasons.
> > 
[snip]
> 
> I'm not arguing it's good practice.  I'm giving it as an 
> example of a reason why somebody might scan your network, 
> even though they were not planning on attacking.
> 

Even then, its not really effective.  Most compromises I have read about
to major banking providers is from someone at a business partner or
something inside the business indirectly related to the web service
being compromised and then the internal network and any inherit trust
relationships being compromised.

Very rarely is it something super-obvious like an open service with a
default password (but I'm sure there are notable exceptions).

So a portscan of their forward netblocks isn't really a 'test' of their
network security, imo.

- James