Re: Allowing scanning from home

From: Adam Jones (ajones1_at_gmail.com)
Date: 10/28/04

    Date: Thu, 28 Oct 2004 13:44:37 -0500
    To: security-basics@securityfocus.com
    
    

    I believe that it boils down to two things: group consensus on the
    subject and the obvious issues with scanning across networks.

    One of the most important things in any kind of security evaluation is
    to ensure that everyone involved is OK with it. At my office we do not
    manage our own switches, and have clients in remote locations of our
    campus. Scanning across those locations is a violation of network
    usage unless specifically allowed by the administering body of our
    network devices. My point is that everyone responsible for any
    component used in the scanning must agree to it to ensure that you are
    not violating anyone's policies.

    You also need to ensure that scanning from a home network is not
    prohibited by the ISP. A lot of them do have regulations against
    scanning in the usage agreement. Do it enough times and someone is
    bound to take notice.

    Personally I doubt it is worth the risk. Home systems usually go
    through too many networks with too many people to contact and get
    approval from for the scanning to take place. Setting up an encrypted
    VPN that is treated by your firewalls as any other IP address would
    get you into your own network without worrying about the home ISP
    taking issue with scanning, but that seems like a lot of trouble just
    to do a little scanning from home. It would be much easier to alter
    the firewall rules to treat one of your own IPs as a foreign IP and do
    everything from work.

    -Adam

