Opinions on port scanning
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Opinions on port scanning

  1. #1
    Senior Member
    Join Date
    Aug 2002
    Posts
    239

    Opinions on port scanning

    I just wanted to hear from the members of AO.........do you think port scanning should be illegal? Is it legal?
    It\'s 106 miles to Chicago, we\'ve got a full tank of gas, half a pack of cigarettes, it\'s dark and we\'re wearing sunglasses.

    Hit it!

  2. #2
    AFAIK it is legal in some countries while illegal in others.

    However I would expect that in all cases nomater what country you live in that it would be legal to port scan your own computers. So a company for example might be analizeing a server in their network and may use a port scanner to look for open ports used by trojans.

    Sites such as www.pcflank.com will port scan your computer looking for open ports and give you a report on what it finds. They warn you to verify that indeed the IP address they are useing is corect and that you have verified with your ISP that you may scan your computer. As some ISPs may panic.

    So in those cases it should be legal since you own the target computer. But in cases where your port scanning yahoo for example, I would expect you would soon be confonted by yahoo asking for the reason behind port scanning their computer.

    Or as another example, if I was to do a zone transfer without first geting permision from the owner of that IP block, It is considered very rude, and it also puts a load on their routers to reply to a zone transfer.

    I think it just depends however I would not recomend randomly port scanning computers without first knowing who you are dealing with.

    So I think legaly it depends.
    test

  3. #3
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    I don't think it is acually illegal, but..... IF you do NOT have permission, and you are detected, it can be considered a hacking attempt, and I have seen ISP's remove peoples accounts for something as simple as a port scan.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  4. #4
    Old-Fogey:Addicts founder Terr's Avatar
    Join Date
    Aug 2001
    Location
    Seattle, WA
    Posts
    2,007
    I think that it isn't illegal, but it is certainly somewhat rude. Now, connecting to a port and attempting to log in... that's a bit different.
    [HvC]Terr: L33T Technical Proficiency

  5. #5
    Senior Member
    Join Date
    Aug 2002
    Posts
    651
    Yeah, I am pretty sure it's legal in most countries, but some ISP's do frown on it, especially if it's reported to their abuse departments. Still there are others - more than not so I've found - that will not do anything if this type of probing activity is reported, no matter how many times you are scanned. I guess they have better things to investigate - either that, or they are so used to sitting with their thumbs up their a55e5 that they don't really know what it is to investigate suspicous activity. You could probably scan until your heart's content, but I wouldn't recommend doing that for obvious reasons. You could get yourself kicked off, or worse yet, piss someone off that is a hacker themselves and get yourself hacked. All in all, it's definitely best to just stick to scanning your own systems.

    Peace.
    Opinions are like holes - everybody\'s got\'em.

    Smile

  6. #6
    Junior Member
    Join Date
    Oct 2002
    Posts
    22
    If your scanning outside your local network on a user with any sense you can expect a phone call!!

  7. #7
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    My opinion of scanning (and related activities) is this....if you don't own it or have some kind of legal agreement allowing you to test it...leave it alone.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

  8. #8
    Personally I dont see the harm in port scanning. I think it's the equivalent of driving by someone's house and looking at it and seeing through any open windows. If you don't want someone seeing in, then close the shade(port). I don't agree with the idea that if your door is open on your house, that someone should walk in jus b/c it's open. But I honestly can't see any harm in looking from the outside.
    Analog = Classical
    Digital = Techno

  9. #9
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    Originally posted here by blakdeth77
    Personally I dont see the harm in port scanning. I think it's the equivalent of driving by someone's house and looking at it and seeing through any open windows. If you don't want someone seeing in, then close the shade(port). I don't agree with the idea that if your door is open on your house, that someone should walk in jus b/c it's open. But I honestly can't see any harm in looking from the outside.
    When you say to close the shade(port), what if you are running ftp services, or are a company that needs the SSH port open? Then what do you do, stop your services? I would have to go with Juridian's idea on portscanning. Again, I doubt a company will stop their services and that most System Admin's/Operators would report a portscan.
    Space For Rent.. =]

  10. #10
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    There is a grey area in port scanning, in that, how many ports does it take for it to be considered a port scan? What if someone made a typo in a URL? What if someone was told the wrong IP? Those connections surely aren't scanning and are part of 'normal traffic', so there is a little squiggle room there, but not much. Most places would consider a scan a prelude to an attack and would report you, and your ISP could certainly take actions against you.

    As far as the analogy goes :

    Personally I dont see the harm in port scanning. I think it's the equivalent of driving by someone's house and looking at it and seeing through any open windows. If you don't want someone seeing in, then close the shade(port). I don't agree with the idea that if your door is open on your house, that someone should walk in jus b/c it's open. But I honestly can't see any harm in looking from the outside.
    1st comment: Uh...Don't know about you, but I wouldn't want someone walking around outside my house looking in my windows, and if I did catch someone doing that, they would have some explaining to do at gunpoint (note I said house, not apartment).

    2nd comment: I tend to think of port scanning as a little more aggressive than just merely standing off from a distance and looking...more along the lines of going to every window/door on a house and trying to open them, but not going inside, but I also realize that is just my opinion.

    So I guess to sum it up, I take it a little more seriously than do most people, and while it may not be 'illegal' to do it (you have to be careful, being sloppy when you scan could cause problems and those problems could get you prosecuted, think syn flooding and other DoS types of things), you are certainly inviting attention upon yourself, and if enough people complain to your ISP, you may be looking for a new one...

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •