dcsimg
Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 29

Thread: Being Scanned

  1. #11
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by cwk9
    unprofessional yes, illegal no.

    Las I heard port scanning was legal in the U.S.
    http://www.securityfocus.com/news/126
    I would imagine you would end up with a similar result if you tried to charge/sue some one for port scanning in Canada.

    You might be able to get results by voicing your concerns to their up stream provider.
    I thought that might be the case cwk9, I am going to let the lawyers run with it anyways to see if they can dig up anything. I am also checking with their up stream provider to see if they have a TOS in place that these guys may have violated.

    Cheers:
    DjM

  2. #12
    Junior Member
    Join Date
    Jan 2004
    Posts
    14
    First of all, I think you are doing the right thing by questioning these port scans as they are extremely unprofessional.

    Although their actions may seem unprofessional and unappropriate, ISOMEDIA may not be breaching the law. As you all know, port scanning, in the eye of the legal worker, is a very thin line to cross. Although port scanning is not illegal, the ruling can vary depending on how in-depth the port scans are and how frequent they occur.

    If you're picking up frequent port scans from ISOMEDIA that seem to be penetrating your defenses more deeply than you feel comfortable, then you may just have a case. If not...

    Whatever the situation, make sure that you consult legal aide because ISOMEDIA is walking on an extremely thin line that could easily break.

    Good luck!

    Happy BHH (Black Hat Hunting) and Happy WHH (White Hat Hacking)

  3. #13
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397
    Personally, if it doesn't hold up in court, I'd simply build me a box with nmap and schedule scans of their IP on the same ports with the same frequency of occurance.

    Put a webpage on it with the text: "We reserve the right to scan any system that scans our system"

  4. #14
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    Scanning is not illegal nor should it be. Perhaps it seems intrusive to you but honestly this is how the internet works, and has since its inception, and until recently most people used to not notice or care. When you join the internet, you are in a PUBLIC place. The internet is not secure and there are no gurantees that everyone is going to just leave you alone, you shouldnt get your panties in a wad just because some machine is checking for open services (which is perfectly legitimate and not considered 'penetration testing'). I think its perfectly reasonable what they are doing which is cutting down on all the bullshit people get in their e-mail especially since they explain it to you which 98% of people scanning you will not.
    Connect is a relative term, anyone in my company could have sent an email that got routed through this SMTP gateway.
    So in other words, any one in your company is free to connect to services on their machines but when they want to verify the legitimacy of your traffic and connect back to you they are in the wrong?
    Me too, I just blocked them at the firewall.
    Bingo!We have a winner, problem solved without resorting to nastiness. Besides you dont have a legal leg to stand on.

    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  5. #15
    Alot of interesting things have been said in this thread. I am in no way affiliated with the company in question. It seems everyone here has deemed a port scan as something terribly bad. Well, I think this is one case where it isn't so bad. Here is a company who is taking a very offensive stance to protect themselves and make their clients happy. I see nothing wrong with what they are doing. They tell you up front that they don't give a crap about your data/content. Of course, if you do prove they maliciously attacked your systems, then they've made it very easy for a person to take legal action against them by documenting their actions.


    I wouldn't attempt to touch these guys from a legal standpoint. Someone has obviously agreed to the practices of this company which has allowed your network to be scanned. Call off the lawyers dude and set out to find the real bad guys.
    - Boyam


  6. #16
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Maestr0 & swarisd, given your response, I guess then you would have no problem with me or anybody else you don't know dropping by your house any time of the day or night and rattling all your doors and windows to ensure they are locked. I assume you would then come out and shake my hand and thank me ever so much for checking your security.
    The point is, I will admit the internet is a public place, but there are still rules in a public place (written or unwritten). If this had been just another script kiddie with nmap, I would have written it off in no time flat, however this is a company which, by its very disclaimer, claims some sort of 'rights' over my systems (your systems as well). I will continue to pursue this matter even though it is not illegal, I still believe its dammed unprofessional.


    Cheers:
    DjM

  7. #17
    Member
    Join Date
    Feb 2003
    Posts
    53
    I agree with a little of both....If the porpose of ISOMEDIAs scans was to find SMTP relays and block them, I'm all for it. There are a ton servers out there with SMTP open, that allow relaying (spoofing e-mails, spam, ect..). They are probable trying to help prevent spam which I am all for. Sure its irritating to be scanned, but if you run a tight ship, you have nothing to worry about. Its called layered security. Let them scan the crap out of your external router and firewall depending on policies, and log at the internal router. If a good policy is in place, little should be getting past the filtering of your external router, and nothing past the firewall. Do you have the right to scan them back and block them, sure, and by all means block them...

  8. #18
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by meloncholy
    if you run a tight ship, you have nothing to worry about.
    I run a tight ship and I am not worried about their scans. What I am set off about is a company claiming they have the:

    absolute right to perform SMTP relay and open proxy server tests upon the connecting IP address, to ensure that the machine at that IP address cannot be abused for malicious purposes.
    Who gave them this "absolute right" on "my" servers.

    Cheers:
    DjM

  9. #19
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    You did by connecting to their mail server and attempting to relay mail through THEIR servers. Don't want them connecting to you, then dont connect to them. This isnt like them rattling your doors to see if they are locked, its more like you coming over to my house claiming to be the cable guy and getting pissed because I call the cable company to verify this.

    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

  10. #20
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    You did by connecting to their mail server and attempting to relay mail through THEIR servers. Don't want them connecting to you, then dont connect to them. This isnt like them rattling your doors to see if they are locked, its more like you coming over to my house claiming to be the cable guy and getting pissed because I call the cable company to verify this.
    No. I don't think it's like that. It's more like I'm the mailman, delivering mail and then after I've left behind the mail, they come out and search me for contraband. It makes no sense. If they are doing this, they are adding extra internet network traffic because every SMTP server that connects to them to relay messages is getting scanned. And there's enough extra crap running around the Internet that these guys shouldn't be doing it. Wonder what the big ISPs have done about it? I'm sure they wouldn't be quiet about it.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •