Opinions on port scanning

[Showtime8000]

I just wanted to hear from the members of AO.........do you think port scanning should be illegal? Is it legal?

[aj67my]

AFAIK it is legal in some countries while illegal in others.

However I would expect that in all cases nomater what country you live in that it would be legal to port scan your own computers. So a company for example might be analizeing a server in their network and may use a port scanner to look for open ports used by trojans.

Sites such as www.pcflank.com will port scan your computer looking for open ports and give you a report on what it finds. They warn you to verify that indeed the IP address they are useing is corect and that you have verified with your ISP that you may scan your computer. As some ISPs may panic.

So in those cases it should be legal since you own the target computer. But in cases where your port scanning yahoo for example, I would expect you would soon be confonted by yahoo asking for the reason behind port scanning their computer.

Or as another example, if I was to do a zone transfer without first geting permision from the owner of that IP block, It is considered very rude, and it also puts a load on their routers to reply to a zone transfer.

I think it just depends however I would not recomend randomly port scanning computers without first knowing who you are dealing with.

So I think legaly it depends.

[souleman]

I don't think it is acually illegal, but..... IF you do NOT have permission, and you are detected, it can be considered a hacking attempt, and I have seen ISP's remove peoples accounts for something as simple as a port scan.

[Terr]

I think that it isn't illegal, but it is certainly somewhat rude. Now, connecting to a port and attempting to log in... that's a bit different.

[t2k2]

Yeah, I am pretty sure it's legal in most countries, but some ISP's do frown on it, especially if it's reported to their abuse departments. Still there are others - more than not so I've found - that will not do anything if this type of probing activity is reported, no matter how many times you are scanned. I guess they have better things to investigate - either that, or they are so used to sitting with their thumbs up their a55e5 that they don't really know what it is to investigate suspicous activity. You could probably scan until your heart's content, but I wouldn't recommend doing that for obvious reasons. You could get yourself kicked off, or worse yet, piss someone off that is a hacker themselves and get yourself hacked. All in all, it's definitely best to just stick to scanning your own systems.

Peace.

[rookrookrook]

If your scanning outside your local network on a user with any sense you can expect a phone call!!

[Juridian]

My opinion of scanning (and related activities) is this....if you don't own it or have some kind of legal agreement allowing you to test it...leave it alone.

[blakdeth77]

Personally I dont see the harm in port scanning. I think it's the equivalent of driving by someone's house and looking at it and seeing through any open windows. If you don't want someone seeing in, then close the shade(port). I don't agree with the idea that if your door is open on your house, that someone should walk in jus b/c it's open. But I honestly can't see any harm in looking from the outside.

[Spyder32]

Originally posted here by blakdeth77
Personally I dont see the harm in port scanning. I think it's the equivalent of driving by someone's house and looking at it and seeing through any open windows. If you don't want someone seeing in, then close the shade(port). I don't agree with the idea that if your door is open on your house, that someone should walk in jus b/c it's open. But I honestly can't see any harm in looking from the outside.

When you say to close the shade(port), what if you are running ftp services, or are a company that needs the SSH port open? Then what do you do, stop your services? I would have to go with Juridian's idea on portscanning. Again, I doubt a company will stop their services and that most System Admin's/Operators would report a portscan.

[nebulus200]

There is a grey area in port scanning, in that, how many ports does it take for it to be considered a port scan? What if someone made a typo in a URL? What if someone was told the wrong IP? Those connections surely aren't scanning and are part of 'normal traffic', so there is a little squiggle room there, but not much. Most places would consider a scan a prelude to an attack and would report you, and your ISP could certainly take actions against you.

As far as the analogy goes :

Personally I dont see the harm in port scanning. I think it's the equivalent of driving by someone's house and looking at it and seeing through any open windows. If you don't want someone seeing in, then close the shade(port). I don't agree with the idea that if your door is open on your house, that someone should walk in jus b/c it's open. But I honestly can't see any harm in looking from the outside.

1st comment: Uh...Don't know about you, but I wouldn't want someone walking around outside my house looking in my windows, and if I did catch someone doing that, they would have some explaining to do at gunpoint (note I said house, not apartment).

2nd comment: I tend to think of port scanning as a little more aggressive than just merely standing off from a distance and looking...more along the lines of going to every window/door on a house and trying to open them, but not going inside, but I also realize that is just my opinion.

So I guess to sum it up, I take it a little more seriously than do most people, and while it may not be 'illegal' to do it (you have to be careful, being sloppy when you scan could cause problems and those problems could get you prosecuted, think syn flooding and other DoS types of things), you are certainly inviting attention upon yourself, and if enough people complain to your ISP, you may be looking for a new one...

/nebulus