scanning the scanner
Results 1 to 9 of 9

Thread: scanning the scanner

  1. #1
    Banned
    Join Date
    Jul 2003
    Posts
    374

    scanning the scanner

    hello all as mentioned in previous posts (too many) i recently discovered a
    trojan on my computer and was at a loss as to fixing the problem until i visited
    this site and received helpfull info to solve this...thanks again.. since then i have
    re-installed norton a/v and sygate pfw......... i am running these two programs
    together and it seems seems to be working o.k...... is this recomended or will
    it create a conflict and hinder my security?????..... i have also installed neotrace
    and have tried to use this without much success(i dont know how to use it) due
    to my lack of knowledge in this entire field.... i am very interested in learning how
    to operate this item and excited that it is possible to scan the scanner....... are
    there any more tools that will help me to achive a basic understanding of securing
    my p/c.. any help at all greatly appreciated......

    p.s. should i refrain from posting these sorts of questions and just do a search
    for related material???????? any points into the right direction to get me on my
    way to learning more will be kindly accepted..........thanks again..........

  2. #2
    Member
    Join Date
    Aug 2002
    Posts
    57
    The two programs use two different methods to prevent attackers, so in theory the two should be able too co-exist.
    A virus checker is designed to prevent virus by scanning files for malicious programs, this could be trojens virus' or back doors. A firewall (in this case sygate) is designed to prevent certain connections to your computer which are unwanted or could lead to malicious intent.

    Having the two installed is usually recomended.

    Scanning the scanner, Hmmm! Most 'scans' on the internet are done automatically by virus on other insecure machines or by script kiddies (people who think its uber to do so with no knoledge of how or why) , if you scanned a scanner the probability is that you would find an insecure machine or a script kiddie.

    Scanning a scanner (or anyone else) is usually banned by most isps and people who host web servers have the power to trace you and have you banned permanantly from your isp!

  3. #3
    Banned
    Join Date
    Jul 2003
    Posts
    374
    BANNED??????????
    TRACED??????????
    BANNED PERMANANTLY??????????

    now i am really confused???????????????? i thought that downloading and using
    neotrace was totally legal. cant you use this to report the ilegal scan in the first place
    help needed.thanks.......

  4. #4
    Member
    Join Date
    Aug 2002
    Posts
    57
    I think it was either me not reading / comprehending your question or just bad phrasing!

    I think you meant to say was that you were intrested in tracing attacks. In this case it's perfectly legal to report the attacker as long as you don't use any other form of retaliation.

    Is this the answer you wanted, or does someone better at explaining need to explain it?

  5. #5
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Wow.. I wasn't sure who to quote on this one.. so let's see what I can do...

    Scanning a scanner (or anyone else) is usually banned by most isps and people who host web servers have the power to trace you and have you banned permanantly from your isp!
    Are you sitting here making things up Jnet or what? Anyone who knows what their doing will trace a scan back. Your IP pops up and boom, I know who you are and can contact your ISP. It has nothing to do with people who host web servers. I know hosting companies who's admin's know less than most of the noobs that come here.. I also don't know of very many ISPs who will ban you for running scans. They may say they will, but I use nmap on a daily basis and have yet to be banned.

    i thought that downloading and using neotrace was totally legal.
    Neotrace isn't scanning software (scanning usually refering to port scanning). It is simply a graphical trace route program, that maps the users location based on the route it follows. It is perfectly legal to use this software, it is just a 3rd-party gui version of something that is shipped with your OS.

    i have also installed neotrace and have tried to use this without much success(i dont know how to use it) due to my lack of knowledge in this entire field.... i am very interested in learning how to operate this item
    There's really nothing to learning how to operate this software. Simply type in the hostname or IP address you wish to trace and hit go. If you aren't getting results check to see if your firewall is blocking ICMP Type 30, or just straight away set-up a rule to allow ICMP Type 30. If you want more information on TraceRoute and how it works. Check out RFC 1393. RFCs define, to put it simple, the internet and how it operates. http://www.rfc-editor.org/ will give you more information on RFCs. You can also read RFC 1393 there.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  6. #6
    Banned
    Join Date
    Jul 2003
    Posts
    374
    thanks Jnet for the stress releif....... my question was regarding the correct use
    of the neotrace program. thanks again........

    thanks HTRegz 4 the info... a second opinion always provides a different outlook..
    will try the links you provided..... thanks again...

  7. #7
    Junior Member
    Join Date
    Jun 2003
    Posts
    26
    also with neotrace you can find the isp that the attacker use and the e-mail of the abuse account and send them the logs and hope they are doing something against abusing...

  8. #8
    Senior Member st1mpy's Avatar
    Join Date
    Jun 2003
    Posts
    111

    heh

    hehe thats you can HOPE ... i had few problems like that some kidd from school got my ip on irc an ye ye ... killing me with some crap nuker an ya sended logs to isp nothing happent they said they gona look into logs an fix it but nothing happent so i had to take it onto my own hands i cought him in school an you know what happent later
    Un Seen But Well Heard Of

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    although neotrace is a very easy program to use and gives the isp, from past experiance (maybe its changed) its gives the origin of a transmission as the owner of the isp so say you tracert someone on aol they automatically are located in Dulles, VA.

    i like using the tracert in sam spade. it dosn't have a graphical map but its easy to save to log or get the abuse address for different isps

    i have to fully agree with HT. scanning anybody is not against the law and i too scan on a regular basis without a peep from anybody.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •