Security Expert Finds Port Scans Not Tied To Hack Attacks

Discussion in 'other firewalls' started by ronjor, Dec 12, 2005.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,775
    Location:
    Texas
    Story
     
  2. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    5% seems like a big number to me. :/
     
  3. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    772
    and 0,05 % (of the 5 %) attacks are successfull.

    Are that 1, 10 or 1000000 successfull attacks a year ??
    :D
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,775
    Location:
    Texas

    Schneier on Security
     
  5. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    One reason (mentioned in the comments in Schneier's blog) is that attackers are getting smarter with port scans - either doing them well in advance of the main attack or spreading them over time and via different addresses to avoid being identified as scans. They are still important as a first step (like scouting the terrain before a military attack) but identifying them will become much more difficult, requiring analysis of traffic patterns over a longer period (days or even weeks).
     
Loading...
Thread Status:
Not open for further replies.