"Stephen J. Wilcox" <[EMAIL PROTECTED]> writes:
> On 18 May 2002, Scott Gifford wrote: > > > > > Scott Francis <[EMAIL PROTECTED]> writes: > > > > [...] > > > > > And why, pray tell, would some unknown and unaffiliated person > > > be scanning my network to gather information or run recon if > > > they were not planning on attacking? I'm not saying that you're > > > not right, I'm just saying that so far I have heard no valid > > > non-attack reasons for portscans (other than those run by > > > network admins against their own networks). > > > > Before choosing an onling bank, I portscanned the networks of the > > banks I was considering. It was the only way I could find to get > > a rough assessment of their network security, which was important > > to me as a customer for obvious reasons. > > I would argue that this is not good practice and you dont have the > right to intrude on the workings of the banks network just because > you have the technology to do so.. if a telnet port was open would > you also check that you were unable to brute force your way in? That > is to say.. what exactly were you hoping to find and then do with > the results? I'm not arguing it's good practice. I'm giving it as an example of a reason why somebody might scan your network, even though they were not planning on attacking. ----ScottG.