[PLUG] portscan manners?

Stafford A. Rau srau at rauhaus.org
Sat Jul 13 23:59:43 UTC 2002


* John H. <john at cryptowave.com> [020713 12:44]:
> I wouldn't suggest it. Back when I was 15 (21 now) I did that to some 
> NASA servers, they sent a formal complaint to my ISP and I got the axe.
> 
> What do you want to learn? Why do you need practise?
> 
> I assume you've just compiled nmap :)
> 
> Carla Schroder wrote:
> 
> >What do you consider to be 'mannerly' portscanning? Scanning all kinds of 
> >sites is good education and practice, but I'm leery of being an annoyance. 
> >Or worse, suspected of nefarious activities.

If you're running snort and/or other forms of intrusion detection, it
can be very informative to portscan hosts from which you've received
scans or compromise attempts.

You will then also have the opportunity to provide the owner of the
compromised system with useful information, such as "you have an ssh
daemon backdoor listening on tcp port 54321", should you care to inform
them.

--Stafford




More information about the PLUG mailing list