thank you all for the clarification..I was indeed under the impression
that used indiscreetly was somehow a ..no-no..
The classes I am in..Web Server Tech..Perl..Internet Tech....Infinit-D
etc..gives us tools to experiment with.
It was not a malicious offering...we are studing the different aspects
and things that can be done with Perl...and it tied in with the
knowledge of servers and its relation to...."what is a port/" etc...here
is how it relates to interactivity...the avenues of transmission etc.
I was told you can check the security of your own site with this
tool.....
maybe this is the old adage ..."that a little bit of knowledge is
dangerous"
again ....
thank you for the clarification..
rick
Michael A. Stone wrote:
>
> >> checks the ports of any website in the nation..(world?)
> >> was told not to use on a govt entity ( very bad risk)
> >
> >You should be aware that portscanning and similar activities are
> >considered attacks, and are treated as such by many entities --
> >not just government agencies, but ISPs, universities, and corporations.
> >I STRONGLY recommend that you (and everyone else) refrain from running
> >tools such as these unless (a) you fully understand their operation
> >and (b) you fully understand the consequences.
>
> i agree completely.
>
> the 'ports' of a network server are logical ID numbers for the various
> protocols that server supports. the logistics of handling multiple
> network connections are a lot easier if you treat each connection as a
> completely independent thing, and the low-level server software on unix
> systems helps to support that illusion.
>
> when you make a connection to a unix server for a given protocol (SMTP
> (email), f'rinstance), you don't actually talk to the program which
> processes your request.. at least not at the start. what you actually get
> is a generic 'set up a connection' program called the 'superserver'. on
> unix boxen, that program's name is 'inetd'.
>
> inetd does all the behind-the-scenes work of creating a network connection
> that's easy for other programs to work with. then it launches the program
> which knows how to handle transactions for the appropriate protocol (the
> mail handler). that program starts up with its input appearing as if by
> magic.
>
> one of inetd's primary jobs, then, is to identify the incoming protocol and
> pass the connection off to the appropriate program. it does that by
> assigning each protocol a number. these are known as 'ports'. for each
> standard protocol, there is what's known as the 'well known service number'
> which defines the port number a client can expect to support that protocol.
>
> therefore, when a client system contacts the inetd on a server and says,
> "i'd like a connection to port 25, please", the server knows that it's
> being asked to start an SMTP transaction.
>
> a program which tests sequential ports on a server is called a 'port
> sniffer', and is frequently used by crackers who want to break into said
> server. it's roughly equivalent to walking around someone's house,
> rattling the doorknobs and checking to see if the windows are locked. by
> itself, it's not explicitly hostile behavior, but it's also not the kind of
> thing normally done by inoffensive strangers.
>
> under no circumstances should you sniff the ports of a system without first
> asking permission from the person who runs that system. at the absolute
> best, such an action would be a breach of 'nettiquette. at worst, someone
> could file a complaint against you, and you could spend a lot of time
> trying to convince people you were clueless, not malicious. neither
> prospect really pleases. it's far better to exercise your charm *before*
> seriously pissing someone off.
>
> mike stone <[EMAIL PROTECTED]> 'net geek..
> been there, done that, have network, will travel.
>
> ____________________________________________________________________
> --------------------------------------------------------------------
> Join The Web Consultants Association : Register on our web site Now
> Web Consultants Web Site : http://just4u.com/webconsultants
> If you lose the instructions All subscription/unsubscribing can be done
> directly from our website for all our lists.
> ---------------------------------------------------------------------
____________________________________________________________________
--------------------------------------------------------------------
Join The Web Consultants Association : Register on our web site Now
Web Consultants Web Site : http://just4u.com/webconsultants
If you lose the instructions All subscription/unsubscribing can be done
directly from our website for all our lists.
---------------------------------------------------------------------
