On Mon, 28 Jul 2014 21:38:37 +0100 Brian <a...@cityscape.co.uk> wrote:
> On Mon 28 Jul 2014 at 22:00:00 +0200, Slavko wrote: > > > Dňa Mon, 28 Jul 2014 20:51:31 +0100 Brian <a...@cityscape.co.uk> > > napísal: > > > > > You never really answered my questiom. If you place something in a > > > public place, a mailserver, for example, why should it be a > > > criminal offence to look at it. If you did not want it to be seen > > > you have the solution at hand. > > > > Yes, i provided answer to you. I try it again: If is something in > > public place, it doesn't mean, that anybody can do anything with it. > > You are stating the obvious. > > I'll try a more technical answer. Remember, you were of the opinion > that using nmap could be a criminal offence in some countries (which > you declined to name). > > I will use my preferred email client (telnet) for this test. > > brian@desktop:~$ telnet mail.o2.co.uk 25 > Trying 82.132.141.69... > Connected to mail.o2.co.uk. > Escape character is '^]'. > 220 mail.o2.co.uk ESMTP Service ready > > > brian@desktop:~$ telnet mail.o2.co.uk 587 > Trying 82.132.141.69... > telnet: Unable to connect to remote host: Connection timed out > > > I also used another 40.000 ports. > > Happpier with this? > > Communication is one of the most basic human needs. Have I > transgressed its boundaries? > > Not as far as it goes. I occasionally use telnet to a mail server to check an email address is valid. That's a legitimate SMTP function to use anonymously, and many email clients use it to verify an address while you're composing an email. But if you got a reply on 587 and then tried guessing user names and passwords, knowing you didn't have an account there, I think you would be attempting to gain unauthorised access to a computer system, which is an offence in some countries. And SMTP and HTTP are protocols normally accessed anonymously, as FTP can be. Other protocols, such as SSH and RDP are never accessible anonymously, they always require an account on the server, and it could be argued that any connection attempts to such ports were 'attempting to gain...' Also, the use of malformed connection packets can sometimes gain access to vulnerabilities in servers, and such behaviour would seem to fall foul of the definition. nmap can certainly be used to try to identify the OS in use by a server, and perhaps try to see some details of the network behind the firewall, which again would not seem to be legitimate things to do. It's not clear cut, but some behaviours would appear to be legitimate, and some not. -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140728230432.01a73...@jretrading.com
