|
-
July 23rd, 2004, 06:01 AM
#1
Banned
port scanning
when i scan a range of ports i always get dead computers to show up, and if i get any live ones it is either port 80 or maybe 25. When i scan like my computer i have somewhere around 6 ports open. Am i doing something wrong?
-
July 23rd, 2004, 06:21 AM
#2
First off it's a good idea to tell us what tools you're using under what OS.
No, you're not doing anything wrong necessarily. If your pot scanner is enabled to show dead hosts, then it does so. Also, 25 and 80 are service ports [SMTP and HTTP] therefore it is normal for servers [usually] to have these ports open.
I think I shouldn't have to stress that port scanning is frowned upon, especially if you're scanning full ports on some hosts. On firewalled machines after the first couple of ports scanned the firewall might adapt and drop all requests from your IP, therefore nothing would show up [a 'dead' host]. So if this scanning is done without a legal purpose you better stop it before your ISP gets notified.
P.S. Did you scan your own computer through 127.0.0.1 or through the Internet IP? The results might be different depending which of the two scans you did.
/  \\
-
July 23rd, 2004, 05:10 PM
#3
Junior Member
hai,
iam esh theres nothing wrong in it.u said that u had 25 and 80 ports are open
those are srevice port [Smtp,Http].u do one thing check with th reverse loop back
adress 127.0.0.1.further mail me about ur'[email protected].
-
July 23rd, 2004, 06:52 PM
#4
Can someone translate ^^^^ that into english? I know he isn't from America, so I am not bitching, but what the hell did that say?
As far as scanning goes, there really isn't any such thing as Illegal scanning Hypronnix. It is frowned upon, but it isn't illegal in anyway. You can scan a .gov address and not get in trouble, my get a phone call but there is nothing illegal about it.
As for scanning and getting only 25 and 80 open that is very common. Most servers and even home PC's have those open. Definately 80. Which is HTTP.
I need to know what tool your using to better help you. If you don't really know much about your tool, and have the source post it, and I will take a look at your source and let you know a little about it.
Later
-
July 23rd, 2004, 07:15 PM
#5
whizkid2300,
As far as scanning goes, there really isn't any such thing as Illegal scanning Hypronnix
This is not completly true, for instance the Belgian ICT law also makes the possesion of information about other systems with the intend to gain access to them, and attempts to gain access illegal. If the 'target' is realy pissed they could try to stretch your port scan to an attempt to gain info to hack their system and in that way an attempt to gain access without authorization.
Is a port scan always legal? I'm not so sure.
-
July 23rd, 2004, 07:30 PM
#6
Crazy, I was just talking about this with a colleauge yesterday.
http://www.securityfocus.com/news/126
Port scanning is not an evil thing, its absolutley imperative you check it out when pen testing a system. You gotta test security with what is readily available to other people. As a first line of defense you want to know what ports are open, everyone else will be able to. ;-)
hopefully not though.
Kr5Kernel
kr5kernel
(kr5kernel at hotmail dot com)
Linux: Making Penguins Cool Since 1994.
-
July 23rd, 2004, 07:41 PM
#7
Port scanning is not an evil thing, its absolutley imperative you check it out when pen testing a system. You gotta test security with what is readily available to other people. As a first line of defense you want to know what ports are open, everyone else will be able to. ;-)
That is, if you're scanning your own system, or network....not scanning a broad range of IPs or a whole network that doesn't belong to you  .
-
July 23rd, 2004, 07:47 PM
#8
Oh totally, you have to be ethical. But I am saying, you have to use as many of the tools / exploits out there on your own system, as they are available to everyone. There is a big difference between testing your new firewall, and blasting through the internet spray port scans everwhere. :-)
kr5kernel
(kr5kernel at hotmail dot com)
Linux: Making Penguins Cool Since 1994.
-
July 23rd, 2004, 07:50 PM
#9
Originally posted here by whizkid2300
As far as scanning goes, there really isn't any such thing as Illegal scanning Hypronnix. It is frowned upon, but it isn't illegal in anyway. You can scan a .gov address and not get in trouble, my get a phone call but there is nothing illegal about it.
#1. hypronix  no capital h, no double letters. thanks
#2. Well I did not say illegal, but as VictorKaum pointed out some legislations might try to show that a port scan is a certain warning for a future intrusion attempt. And with tightening computer laws you never know what they might end up charging you with... for a mere port scan.
So don't go scanning ranges of IP you have no specific permission. Your ISP might not like getting contacted too many times and they might drop you one day.
/ \\
-
July 23rd, 2004, 08:44 PM
#10
First off you are on the internet when you scan right...
and second what port scanner are you useing it may not work it may be a broken PS...
I have had a few like black code and L32z
Best bet is to use NMap for secureing you comp i hope that is what you are doing...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
