Procmail Vulnerabilities check
Chris H
portmaster at BSDforge.com
Mon Dec 11 20:32:58 UTC 2017
On Mon, 11 Dec 2017 19:46:55 +0100 "Kurt Jaeger" <lists at opsec.eu> said
> Hi!
>
> > If you, as an administrator of a/your system(s), see no problem with
> > (port) scanners, and take no action to thwart such activity. You are
> > more than likely to encounter trouble(s) down the road.
>
> Right, portscanning is bad, if not done in a transparent way,
> so as sys-admin I have to reduce exposure.
>
> But it's a valid tool, nevertheless.
>
> > In short; I see them all as "black hats". Honestly. Can you *really*
> > determine good intentions from bad intentions on an incoming port scan?
>
> Yes. If it's done with full transparency, I don't mind scanning.
>
> With transparency, I mean:
> - reverse dns is set
> - scan from the same IP all the time
They don't. For the sake of argument, I'll name showdan; they use (off
the top of my head) some 9 to 12 addresses. Addresses the move, also. :(
> - some point of contact for the scan (a website, email etc)
> - if requested, the scanner delivers individual results to the scanned
> - if requested, one can be excluded from the scan
> - all the results are only used for 'above-the-waterline' work,
> like research or statistics
> - scanner is willing to be audited
> - [maybe some other rules...]
>
> In fact, I've even organised such a project doing that for TLS:
>
> https://github.com/TLS-Check/tls-check
I respectfully agree to disagree with you on this. Mostly on one point;
I should be informed *prior* to the port scan/audit, not *after*.
>
> I would not mind a registry at IANA for such transparent scan projects,
> so that all the other ones can be traced and stopped.
This, my friend, I agree with you on, wholeheartedly. :-)
--Chris
>
> --
> pi at opsec.eu +49 171 3101372 3 years to go
> !
More information about the freebsd-ports
mailing list