“If you stay connected to the Internet, you will be scanned.
It’s a fact of life. If you have a continuous connection, you’ll be
scanned regularly, quite often by someone with bad intentions. This
week’s column is a basic primer on scanning: what it is, why it’s
done, and the wonderful world of “secret handshakes” and stealth
scans.”
“Scanning a system, or a network, is normally done in order to
find out what services are available. But remember, there are two
groups who do it regularly. The good guys — system administrators
and network security folk — do it to see what is exposed and thus
vulnerable to attack. The bad guys — script kiddies and worse —
do it to see what is exposed and thus vulnerable to attack. Funny,
that is.”
“Scanning is like going up to an apartment building and knocking
on each door to see who is home. Are you running a Web server? A
mail server? BIND? Telnet? FTP? RPC? Those are the questions that
scanning answers. Unfortunately, the answers often reveal enough
about your system to allow an uncouth visitor unauthorized
access.”