port scanners

It is possible for nmap, while running a reasonable scan, to crash a system. Unlikely... perhaps nothing more than coincidental... tell it to the judge.

The DOD itself isn't the only organization held to DOD standards. Many private companies, some with no direct dealings with the government at all are bound by these standards.

Quote:

---

I guess, I just hoped most people would face port scanning in a more ethical way.

---

How could scanning a system that you don't have rights on, possibly be ethical?

cheers,

catch

Quote:

---

How could scanning a system that you don't have rights on, possibly be ethical?

---

[sarcasm] Easily Catch, it's not doing any damage to it and it's ethical to not do damage to another 'puter. [/sarcasm] :rolleyes:

I basically agree with Catch on this, although I've never heard a case where NMAP crashed a system (please explain more?). Although, I guess depending on the traffic going through the ports and the system being scanned, there could be a 1 in a billion chance? I dunno.. Just inserting my two cents.

Quote:

---

Easily Catch, it's not doing any damage to it and it's ethical to not do damage to another 'puter.

---

Ethics isn't what you do, it's why you do it. Damaging the computer is incidental...

Quote:

---

I basically agree with Catch on this, although I've never heard a case where NMAP crashed a system

---

While it is true that a basic port scan is unlikely to crash a system. There used to be an index of nmap scans that would crash various application firewalls.

All that aside... what if you happen to scan a system right before or after an attack? The fact is, port scanning is grey area at BEST. Circumstances beyond your control can be the difference between something that falls between the cracks and having the FBI at your door.

cheers,

catch

Quote:

---

Ethics isn't what you do, it's why you do it. Damaging the computer is incidental...

---

I know what ethics is.. and note the sarcasm tags ;)

Quote:

---

There used to be an index of nmap scans that would crash various application firewalls.

---

I'd love to see that index and what application firewalls were crashed. :D

Quote:

---

what if you happen to scan a system right before or after an attack? The fact is, port scanning is grey area at BEST. Circumstances beyond your control can be the difference between something that falls between the cracks and having the FBI at your door.

---

This is why I love posting in a thread with you, catch.. you expand your thinking. This is very true and a legit worry -- what if there already was high activity going on (or even a possible attack?) already. What if the user displayed firewall logs and high port activity already was going on. Again, excellent point catch.. there are always circumstances beyond your control that can alter things easily.

Spyder - catch is adding relevant information to this thread that brings new information to view in response to the orignial post. You are merely questioning what he's saying and adding nothing new to the table.

Quote:

---

Although, I guess depending on the traffic going through the ports and the system being scanned, there could be a 1 in a billion chance?

---

Why even post a comment like that? You're obviously pulling a redicualous figure out of your ***. I think your account should be limited to GCC and Cosmos, where spilling out useless bull**** doesn't pollute the homepage.

NeuTron: Okay, so you want to turn this thread to ****? Hrmm.. Well, I am ALLOWED to comment on another users post (lord knows why I'm explaining this to you). In the quote you quoted from me, it was a rhetorical question.. I wanted to learn more about what was being talked about. Catch was adding things and like I said when I said to him "please explain more", I wanted to learn from what he was adding.

That's what AntiOnline is about.. Now, what have YOU added to this thread, other than a personal attack against someone you obviously don't like? Hrmm.. I rest my case. Oh, and go and neg me back if you want.. you obviously loved that feature once before, eh?

Quote:

---

Originally posted here by Spyder32

That's what AntiOnline is about.. Now, what have YOU added to this thread, other than a personal attack against someone you obviously don't like? Hrmm.. I rest my case. Oh, and go and neg me back if you want.. you obviously loved that feature once before, eh?

---

Alright moron, since you obviously didn't read this thread before you started yapping in it... you might have noticed that I replied to this thread first (1hr after it was posted). So much for resting your case. Oh and if it wasn't for your irrevelevant "tutorial", which I felt compelled to neg, I would have negged you here.

I thought we were talking about port scanning, not about who neg'd who or who did this or who did that.

nmap? i use super scan 4.0, very useful, i can get someones ip , then do a reverse ip lookup on http://whois.webhosting.info

mostly as a learning experience

Quote:

---

Originally posted here by Tetrismaster101
I thought we were talking about port scanning, not about who neg'd who or who did this or who did that.

nmap? i use super scan 4.0, very useful, i can get someones ip , then do a reverse ip lookup on http://whois.webhosting.info

mostly as a learning experience

---

You should definately give NMAP a try. You can download it from this link . Refer to TheHorse13's tutorials to get aquainted with its many features. Links below:

First
Second
Third
Fourth

Well, I don't know of any particular list of what could crash, but from the man pages of NMAP

Quote:

---

It should also be noted that Nmap has been known to crash certain
poorly written applications, TCP/IP stacks, and even operating systems.
Nmap should never be run against mission critical systems unless you
are prepared to suffer downtime. We acknowledge here that Nmap may
crash your systems or networks and we disclaim all liability for any
damage or problems Nmap could cause.

Because of the slight risk of crashes and because a few black hats like
to use Nmap for reconnaissance prior to attacking systems, there are
administrators who become upset and may complain when their system is
scanned. Thus, it is often advisable to request permission before
doing even a light scan of a network.

---

After doing a google search on "nmap crashes" and sorting through pages and pages of hits I found numerous complaints of problems scanning some Cisco equipment, Solaris, VPNs, and more. Most were older complaints, but then again I didn't get even close to searching all the hits.

( BTW, I have never had a crash resulting from NMAP that I am aware of ) ;)