Net-Security.org: Paranoia Vs. Transparency And Their Effects On Internet Security
Nov 16, 2000, 09:04
(Other stories by Mixter)
[ Thanks to LogError for this link. ]
"Lately, reactions to non-intrusive probes and network activity that is merely unexpected are becoming increasingly hostile, a result of increasing amounts of incidents and security threats. From my perspective of security, overreactions to activities not crossing authorization and legal boundaries are leading to a scenario where anyone acquiring basic information about a system needs to be afraid about potential consequences. Seen under a wide scope, this leads to network security no longer being transparent."
"Why is a non-transparent security situation on the Internet bad? Obviously, it is a big advantage to malicious intruders who have no legal concerns because they can conceal their identity through compromised systems, and a big disadvantage to security firms, admins and individuals who depend on a complete picture of Internet security problems to solve them. Non-malicious, beneficial large-scale scans like the broadcast amplifier scanning projects are becoming harder and riskier to perform using legal resources."
"Network scanning and corresponding tools evolved out of a necessity to counter new intrusion methods after they were commonly employed by system crackers. A scanner is simply security software that automates the process of making connections to a service to determine its availability and version, which allows drawing conclusions regarding security and potential vulnerability. Scanning a host is the fastest way to identify its remote vulnerabilities since it puts the analyst in the same perspective as an attacker, seeing all possible holes."