RE: Is it "legal" to nmap offending hosts?

From: Richard Feaver (rfeaver@roscopc.com)
Date: 09/12/01 

From: "Richard Feaver" <rfeaver@roscopc.com>
To: <SECURITY-BASICS@securityfocus.com>
Subject: RE: Is it "legal" to nmap offending hosts?
Date: Wed, 12 Sep 2001 12:04:55 -0500
Message-ID: <PFEKKOCKFCDOACGENBFKOEFCIDAA.rfeaver@roscopc.com>

lo,

What would you achieve by running NMAP on their machine anyway ?

Spot a few exploitable services. . . what would you do then?
break in and get busted and for what ?
precisley zero apart from an nmap scan which happen by the thousands.

just get the IP block and report them to admin and move on.

lates

-----Original Message-----
From: Matt Hemingway [mailto:matt@supplyedge.com]
Sent: 10 September 2001 11:59
To: SECURITY-BASICS@securityfocus.com
Subject: Re: Is it "legal" to nmap offending hosts?

I say if someone runs nmap on your host you should be able to run it right
back on one of their's. If someone hits me in the face, I hit them right
back. If someone calls me stupid, I call them a f'ing moron. If someone
scans my computer, I DoS them.........but thats just me. :-)

-matt

On Monday 10 September 2001 15:45, you wrote:
> Xno,
> I think it's better to run an nslookup on a host, then contact the
> administrator and send a few pages of log files (careful not to send too
> much info in logs - internal IPs etc.). Most of the traffic I get is
> either related to a virus (i.e. Code Red infected IIS servers or servers
at
> that site compromised by another user). More than often the admins are
> unaware of the traffic hitting your firewall, and most are polite and
> helpful when investigating unwarranted network traffic. I don't advise to
> use aggressive probes to investigate a host you suspect as probing yours,
> it's better to work with them to resolve the issue.
>
> Robert
>
>
>
>
>
> -----Original Message-----
> From: Xno Xutz [mailto:xnoxutz@yahoo.com]
> Sent: Saturday, September 08, 2001 11:10 AM
> To: SECURITY-BASICS@securityfocus.com
> Subject: Is it "legal" to nmap offending hosts?
>
>
> Hi All!
>
> Sure this is a beginners question, but I must ask it
> anyway. Is it considered ilegal ou unpolite to send
> nmap probes to offending hosts I find in my logs? I
> have no intention to go any farther, but I would like
> to gather some information on these hosts.
>
> Any comments would be welcome!
>
> Regards,
> Xno
>
> __________________________________________________
> Do You Yahoo!?
> Get email alerts & NEW webcam video instant messaging with Yahoo!
Messenger
> http://im.yahoo.com

Relevant Pages

  • Fw: Nmap 4.00 Released! (ARP scanning)
    ... I am pleased to announce that Nmap 4.00 is now available! ... It is now used automatically for any hosts that are ... the UDP probes will have their status changed to open. ... 'd' to increase the debugging level, 'p' to enable packet tracing, ...
    (Security-Basics)
  • Re: Is it "legal" to nmap offending hosts?
    ... Is it "legal" to nmap offending hosts? ... > much info in logs - internal IPs etc.). ...
    (Security-Basics)
  • Re: faster scans? (nmap)
    ... If all you're looking for is which hosts are up, ... only hosts that you know are there with Nmap. ... I believe that hping ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • RE: Discovering Live Hosts
    ... scanrand quick the segment. ... nmap port ping -PS for default port 80, ... nmap ping sweep -sP. ... This should give you a list of hosts on the target segment that are alive ...
    (Pen-Test)
  • Re: [?? Probable Spam] Automated Nmap Scans / Front End
    ... About thee time your scan takes, you can control nmap timaing if you are sure that your network link and those of the scanned hosts are reliable. ... Need to secure your web apps? ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
Quantcast