>> checks the ports of any website in the nation..(world?)
>> was told not to use on a govt entity ( very bad risk)
>
>You should be aware that portscanning and similar activities are
>considered attacks, and are treated as such by many entities --
>not just government agencies, but ISPs, universities, and corporations.
>I STRONGLY recommend that you (and everyone else) refrain from running
>tools such as these unless (a) you fully understand their operation
>and (b) you fully understand the consequences.


i agree completely.


the 'ports' of a network server are logical ID numbers for the various
protocols that server supports.   the logistics of handling multiple
network connections are a lot easier if you treat each connection as a
completely independent thing, and the low-level server software on unix
systems helps to support that illusion.

when you make a connection to a unix server for a given protocol (SMTP
(email), f'rinstance), you don't actually talk to the program which
processes your request.. at least not at the start.   what you actually get
is a generic 'set up a connection' program called the 'superserver'.   on
unix boxen, that program's name is 'inetd'.

inetd does all the behind-the-scenes work of creating a network connection
that's easy for other programs to work with.   then it launches the program
which knows how to handle transactions for the appropriate protocol (the
mail handler).   that program starts up with its input appearing as if by
magic.

one of inetd's primary jobs, then, is to identify the incoming protocol and
pass the connection off to the appropriate program.   it does that by
assigning each protocol a number.   these are known as 'ports'.   for each
standard protocol, there is what's known as the 'well known service number'
which defines the port number a client can expect to support that protocol.

therefore, when a client system contacts the inetd on a server and says,
"i'd like a connection to port 25, please", the server knows that it's
being asked to start an SMTP transaction.


a program which tests sequential ports on a server is called a 'port
sniffer', and is frequently used by crackers who want to break into said
server.   it's roughly equivalent to walking around someone's house,
rattling the doorknobs and checking to see if the windows are locked.   by
itself, it's not explicitly hostile behavior, but it's also not the kind of
thing normally done by inoffensive strangers.

under no circumstances should you sniff the ports of a system without first
asking permission from the person who runs that system.   at the absolute
best, such an action would be a breach of 'netiquette'.   at worst, someone
could file a complaint against you, and you could spend a lot of time
trying to convince people you were clueless, not malicious.   neither
prospect really pleases.   it's far better to exercise your charm *before*
seriously pissing someone off.






mike stone  <[EMAIL PROTECTED]>   'net geek..
been there, done that,  have network, will travel.
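
The hand-off described in this message, as an added example that is not part of the original post: a toy superserver in Python that listens on several loopback ports and starts the matching handler with the connection as its stdin and stdout. The service table, handler commands and function names are constructed for illustration; this is not inetd's own code.

```python
import select
import socket
import subprocess
import sys

# Constructed service table in the spirit of inetd.conf: service name -> handler argv.
SERVICES = {
    "echo": [sys.executable, "-c", "import sys; sys.stdout.write(sys.stdin.read())"],
    "upper": [sys.executable, "-c", "import sys; sys.stdout.write(sys.stdin.read().upper())"],
}

def open_listeners(services, host="127.0.0.1"):
    """Bind one listening socket per service (port 0: kernel picks a free port)."""
    listeners = {}
    for name, argv in services.items():
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.bind((host, 0))
        sock.listen(5)
        listeners[sock] = (name, argv)
    return listeners

def dispatch_once(listeners, timeout=5.0):
    """Wait for a connection on any port, then start that port's handler."""
    ready, _, _ = select.select(list(listeners), [], [], timeout)
    if not ready:
        return None
    name, argv = listeners[ready[0]]
    conn, _peer = ready[0].accept()
    # The connected socket becomes the handler's stdin and stdout.
    child = subprocess.Popen(argv, stdin=conn.fileno(), stdout=conn.fileno())
    conn.close()  # drop the superserver's copy; the child holds its own
    return name, child

def demo(request=b"helo example\n"):
    """Connect to each port in turn and collect {service name: reply bytes}."""
    listeners = open_listeners(SERVICES)
    replies = {}
    for sock in listeners:
        with socket.create_connection(sock.getsockname(), timeout=10) as client:
            client.sendall(request)
            client.shutdown(socket.SHUT_WR)  # EOF tells the handler the request is done
            name, child = dispatch_once(listeners)
            replies[name] = b"".join(iter(lambda: client.recv(4096), b""))
            child.wait()
    for sock in listeners:
        sock.close()
    return replies

if __name__ == "__main__":
    print(demo())
```

Each entry in such a table is a listening port, so an operator auditing their own host can read it as the list of reachable services and remove the ones that are not needed.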


