<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>Andrew</div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">Please break it down to us who are technically challenged. :-)</div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">What does this really mean? In layman' language.<br><br><div><span style="-webkit-tap-highlight-color: rgba(26, 26, 26, 0.294118); -webkit-composition-fill-color: rgba(175, 192, 227, 0.231373);"><b>Ali Hussein</b></span></div><div><b style="background-color: rgba(255, 255, 255, 0);">Hussein & Associates</b></div><div style="font-family: Helvetica; font-size: medium; -webkit-tap-highlight-color: rgba(26, 26, 26, 0.296875); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469); -webkit-text-size-adjust: auto; ">+254 0713 601113 / 0770906375</div><div style="font-family: Helvetica; font-size: medium; -webkit-tap-highlight-color: rgba(26, 26, 26, 0.296875); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469); -webkit-text-size-adjust: auto; "><br></div><div><p style="margin: 0in 0in 0pt;"><span style="background-color: rgba(255, 255, 255, 0);">Twitter: @AliHKassim</span></p><span style="background-color: rgba(255, 255, 255, 0);"><font></font></span><p style="margin: 0in 0in 0pt;"><span style="background-color: rgba(255, 255, 255, 0);">Skype: abu-jomo</span></p><p style="margin: 0in 0in 0pt;"><span style="background-color: rgba(255, 255, 255, 0);">LinkedIn: <a href="http://ke.linkedin.com/in/alihkassim" target="_blank">http://ke.linkedin.com/in/alihkassim</a><a href="http://ke.linkedin.com/in/alihkassim" target="_blank"><span style="text-decoration: none;"></span></a></span></p><span style="background-color: rgba(255, 255, 255, 0);"><font></font></span><p style="margin: 0in 0in 0pt;"></p><font><span style="background-color: rgba(255, 255, 255, 0);">Blog: <a href="http://www.alyhussein.com/" target="_blank">www.alyhussein.com</a></span><br></font></div><div><span style="-webkit-tap-highlight-color: rgba(26, 26, 26, 0.292969); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469); "><br></span></div><div>"Discovery consists in seeing what everyone else has seen and thinking what no one else has thought". ~ Albert Szent-Györgyi</div><div><span style="-webkit-tap-highlight-color: rgba(26, 26, 26, 0.294118); -webkit-composition-fill-color: rgba(175, 192, 227, 0.231373);"><br></span></div>Sent from my iPad</div><div><br>On 5 Jun 2017, at 10:08 AM, Andrew Alston via kictanet <<a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>> wrote:<br><br></div><blockquote type="cite"><div>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1264069616;
mso-list-type:hybrid;
mso-list-template-ids:1771990658 1011658270 134807577 134807579 134807567 134807577 134807579 134807567 134807577 134807579;}
@list l0:level1
{mso-level-number-format:alpha-lower;
mso-level-text:"%1\.\)";
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;}
@list l0:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US">Hi All,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">This morning I got an interesting email from
<a href="mailto:cirt@ca.go.ke">cirt@ca.go.ke</a> as regards open RDP ports on the network.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Now, I’ve got a few questions about this -<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoListParagraph" style="text-indent:-18.0pt;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span lang="EN-US"><span style="mso-list:Ignore">a.)<span style="font:7.0pt "Times New Roman"">
</span></span></span><!--[endif]--><span lang="EN-US">Has anyone else had similar reports<o:p></o:p></span></p>
<p class="MsoListParagraph" style="text-indent:-18.0pt;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span lang="EN-US"><span style="mso-list:Ignore">b.)<span style="font:7.0pt "Times New Roman"">
</span></span></span><!--[endif]--><span lang="EN-US">Ports can be open for many reasons – and they sit on private companies machines and companies have the right to firewall or not firewall dependent on a multitude of reasons – why are these being put out as an
incident report <o:p></o:p></span></p>
<p class="MsoListParagraph" style="text-indent:-18.0pt;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span lang="EN-US"><span style="mso-list:Ignore">c.)<span style="font:7.0pt "Times New Roman"">
</span></span></span><!--[endif]--><span lang="EN-US">Under what premise does anyone – be they cert or otherwise – have the authority to run scans against private networks and systems – I was under the impression that port scanning private systems was not allowed?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I’m kinda concerned here when a report shows up that clearly indicates that targeted scans have been made – particularly since some of the IP addresses in that report are not even inside Kenya and sit on IP addresses
belonging to clients who have in no way authorized security scans against themselves.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Anyone got any thoughts or comments?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Andrew<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>kictanet mailing list</span><br><span><a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a></span><br><span><a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a></span><br><span>Twitter: <a href="http://twitter.com/kictanet">http://twitter.com/kictanet</a></span><br><span>Facebook: <a href="https://www.facebook.com/KICTANet/">https://www.facebook.com/KICTANet/</a></span><br><span></span><br><span>Unsubscribe or change your options at <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/info%40campusciti.com">https://lists.kictanet.or.ke/mailman/options/kictanet/info%40campusciti.com</a></span><br><span></span><br><span>The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.</span><br><span></span><br><span>KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.</span></div></blockquote></body></html>