July 25th, 2004, 11:19 PM
Umm maybe you have a bad port scanner?
July 26th, 2004, 04:03 PM
Of course, the ISP logs! I knew I'd missed something, but couldn't figure it out. Probably too early on a Sunday morning for me! lol
Originally posted here by hypronix
You can fabricate log files, but you cannot fabricate the log files on your ISP [unless you decide you're able to hack into their network and change stuff around]. Usually your log files will indicate a certain activity, and the ISP can confirm or infirm [to the authorities] that what you're saying is true, based on their logs.
I'm not sure of what you mean by safe... do you mean as an attacker you're safe? Because that wouldn't be the case, I mean it's enough for them to complain to respective authorities and his ISP would dig up some logs and so on so forth.
By safe I meant relatively safe'ish if the user doesn't know about his logs. I mean if the box being scanned is vulnerable it's unlikely, unless it's a honeypot, that the owner knows about the logs.
Hmmm ... the more I type the more I consider there are too many variable unknowns in this melting pot. My advice would be to avoid port scanning as far as possible.
Tomorrow is another day for yesterdays work!
July 26th, 2004, 07:58 PM
IMHO there's a big difference (at least emotional) between scanning a box that has tried to make contact in a manner you suspect it has been compromised and the owner does not know or on the other side, scan whole IP ranges to find boxes that have left those ports open that you want to use for your little evil exploit... anyway if port scanning is illegal, both are against the law. Probably after some complains your ISP will shutdown your connection cause of violation of the acceptable use policy and that would be all.