Re: [Full-disclosure] Nmap Online
Simon Smith wrote: Why would you do this? For all Nmap fans, our group have implemented Nmap Online service. Its address is http://nmap-online.com/. The interface allows you to perform custom Because you like lawers and being in court? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
thus Schanulleke spake: Simon Smith wrote: Why would you do this? For all Nmap fans, our group have implemented Nmap Online service. Its address is http://nmap-online.com/. The interface allows you to perform custom Because you like lawers and being in court? lawyers are wimps :) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Greg wrote: I don't wish to upset anyone but that answer has to be the craziest FIRST port of call approach I have seen used. I get plenty of those sorts of calls. I take about 30 seconds time on the phone for almost all of them. I say Pull the power plug out of the router. Wait 10 seconds, plug it back in and wait another 10 seconds. OK, try now and almost all of them report it works well. What about the people whose router configuration (which was done by a friend months/years ago) you just resetted? Better prepare for some house visits to restore SOHO router configurations :-) And I think that the more you know about a certain topic, the more you are able to find nice half-decent solutions. Resetting the whole device just because of what is a maybe temporarly problem doesn't seem clever to me. But I understand your point.. At some point in time first level support gets boring. Regards, Christian - -- Christian Khark Lauf [EMAIL PROTECTED] GPG: 0x6AADC60A | IRCnet/silcnyet: Khark silcnyet-Fingerprint: 82DA 447F B957 1E18 82EC 44B7 1800 CC3C 0EDE 6DCA -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) iD4DBQFFdwo4AaLWKGqtxgoRAuh2AJdpFYr/jK1AA4J00HgFedIgDrJvAJ0UnxbQ I8Xie+CGT9qOUvKv0WeanA== =lWLi -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
-Original Message- From: Christian Khark Lauf [mailto:[EMAIL PROTECTED] Sent: Thursday, 7 December 2006 5:22 AM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Nmap Online -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Greg wrote: I don't wish to upset anyone but that answer has to be the craziest FIRST port of call approach I have seen used. I get plenty of those sorts of calls. I take about 30 seconds time on the phone for almost all of them. I say Pull the power plug out of the router. Wait 10 seconds, plug it back in and wait another 10 seconds. OK, try now and almost all of them report it works well. What about the people whose router configuration (which was done by a friend months/years ago) you just resetted? Better prepare for some house visits to restore SOHO router configurations :-) I am fairly certain that the NV in NV-ram doesn't mean New Victim but Non Volatile. Eg, even if nothing else works so you pull the plug and put it back in, the settings you have changed remain intact. So, in most cases, no you do not need to worry when pulling the plug. And I think that the more you know about a certain topic, the more you are able to find nice half-decent solutions. Resetting the whole device just because of what is a maybe temporarly problem doesn't seem clever to me. That wasn't what I said of course. The whole point was that if the user is complaining about not getting email from their ISP via whatever method they decide to use and/or cannot get onto the web, then pulling the power plug is a viable answer that is normally correct in most situations. Sure, there are some where it isn't the answer but if you find out it is still as bad as it ever was after pulling the plug and putting it back in, then you need to go there, physically, in any case. But I understand your point.. At some point in time first level support gets boring. It wasn't even that which I said. My point was always that there are better ways of doing things. You could drive 30 miles just to pull the plug yourself leaving the current job unfinished or unable to get to that next problem in a suitable response time or you could just tell the person on the phone to do that while you wait and see the result. In most cases, it has been the answer. It has never ALWAYS been the case. In the cases where it works, it is just a more efficient way for YOU to work. No online answer is going to fix a router that just lost its cool and is locked up unless you have installed a remote power down and power up (yeah, they exist but I haven't used one and cant remember the name). The end result of working this way is a happy customer who is now able to work, a contact who feels superior because they worked with you to fix the problem and is more likely to help you out in future when you want something done that they are capable of doing and you can get to your next appointment on time. Call me crazy but I reckon trying it first is always the best approach. Greg. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
1) I'm sure none of you can imagine this, but sometimes running and startup configs aren't the same. YES it's TRUE! So, your approach could be disastrous and is really ill advised. 2) Nmap may not give reliable results from all sites. Surely you've encounted ACLs that caused erroneous nmap results from some locations. As the guy said: sometimes he travels. Having the capability to run it from a neutral location can get by that. I'm sure there's more. On 12/5/06, Greg [EMAIL PROTECTED] wrote: I don't wish to upset anyone but that answer has to be the craziest FIRST port of call approach I have seen used. I get plenty of those sorts of calls. I take about 30 seconds time on the phone for almost all of them. I say Pull the power plug out of the router. Wait 10 seconds, plug it back in and wait another 10 seconds. OK, try now and almost all of them report it works well. So why would I need and how could I use Nmap online to tell me the router went crazy and locked up? Besides, wouldn't it be just as easy to use the Nmap sitting on my computer if I decided I needed to use it? Greg. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
Why would you do this? On 11/28/06 3:19 AM, David Matousek [EMAIL PROTECTED] wrote: Hello, For all Nmap fans, our group have implemented Nmap Online service. Its address is http://nmap-online.com/. The interface allows you to perform custom Nmap scans from our server with only a few limitations in the syntax. The service is free and can be used immediately, no registration is required. Please direct your questions and suggestions to our emails. Regards, ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On 12/5/06, Simon Smith [EMAIL PROTECTED] wrote: Why would you do this? Well, for one, sometimes you need to do a port scan when you're not in front of a system that has nmap installed on it. I get a call about once every couple of months, why can't I get into my email server that's sitting behind a hardware router with a hole poked in it for port 110. Doing a port scan on the client's IP address ensures that either yes, the port is open or no, it's not. If it's open then I can proceed with my troubleshooting - if not, I know where to look for the problem. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
-Original Message- From: Ed Carp [mailto:[EMAIL PROTECTED] Sent: Wednesday, 6 December 2006 2:06 PM To: full-disclosure@lists.grok.org.uk Cc: David Matousek Subject: Re: [Full-disclosure] Nmap Online On 12/5/06, Simon Smith [EMAIL PROTECTED] wrote: Why would you do this? Well, for one, sometimes you need to do a port scan when you're not in front of a system that has nmap installed on it. I get a call about once every couple of months, why can't I get into my email server that's sitting behind a hardware router with a hole poked in it for port 110. Doing a port scan on the client's IP address ensures that either yes, the port is open or no, it's not. If it's open then I can proceed with my troubleshooting - if not, I know where to look for the problem. I don't wish to upset anyone but that answer has to be the craziest FIRST port of call approach I have seen used. I get plenty of those sorts of calls. I take about 30 seconds time on the phone for almost all of them. I say Pull the power plug out of the router. Wait 10 seconds, plug it back in and wait another 10 seconds. OK, try now and almost all of them report it works well. So why would I need and how could I use Nmap online to tell me the router went crazy and locked up? Besides, wouldn't it be just as easy to use the Nmap sitting on my computer if I decided I needed to use it? Greg. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On Wed, 6 Dec 2006, Greg wrote: I don't wish to upset anyone but that answer has to be the craziest FIRST port of call approach I have seen used. I get plenty of those sorts of calls. I take about 30 seconds time on the phone for almost all of them. I say Pull the power plug out of the router. Wait 10 seconds, plug it back in and wait another 10 seconds. OK, try now and almost all of them report it works well. That is heavily target market specific... Whilst I offer the same line to some friends and family, others I wouldn't dare start there (out of respect - they've already done everything obvious before asking for help). Besides, wouldn't it be just as easy to use the Nmap sitting on my computer if I decided I needed to use it? If only it was always that easy... I just moved, and whilst the ISP is the same, the CLEC is new - new lines, new IP, some newer softare, etc. I need to verify *my* setup, so: * my local nmap is useless * my work boxen are heavily firewalled - even outbound * my accounts elsewhere usually don't have nmap available to non-admins (and I shy from that role unless needed). So... For me, this has been an great service, and I'm sure I'm not alone. -- Rick Nelson Life'll kill ya -- Warren Zevon Then you'll be dead -- Life'll kill ya ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On 12/5/06, Greg [EMAIL PROTECTED] wrote: I don't wish to upset anyone but that answer has to be the craziest FIRST port of call approach I have seen used. I get plenty of those sorts of Who said it was the first thing that was tried? And you just can't pull the plug on a router in a production shop. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
first of all, IANAL, but the TOS seem to cover the basics... However, I am unsure whether they would hold up under strict legal scrutiny. As far as I can tell, they may hold up under US criminal law, but not under civil law, as tort law has its own wonderful little eccentricities. The best safeguard they seem to have is that they must log the source IP of all scan requests... As far as I know, anyone who takes the time to read the nmap man page should be able to craft a scan which won't be detected by the scanned host (can someone be a definitive source on this point?), and anyone taking malicious action ought to be taking sufficient precautions to avoid detection anyway. None-the-less, my 8-ball sees litigation in their future. On 11/30/06, Jason Miller [EMAIL PROTECTED] wrote: im detecting legal actions already. On 11/28/06, David Matousek [EMAIL PROTECTED] wrote: Hello, For all Nmap fans, our group have implemented Nmap Online service. Its address is http://nmap-online.com/. The interface allows you to perform custom Nmap scans from our server with only a few limitations in the syntax. The service is free and can be used immediately, no registration is required. Please direct your questions and suggestions to our emails. Regards, -- David Matousek Founder and Chief Representative of Matousec - Transparent security http://www.matousec.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
I agree with Dave on this one. Dude Van, I thought it was illegal in the states..? Or am I mistaken? Also, think of this from the ISP's view, do they really want a service port scanning their users? And look at it this way, said target has a proxy server on it, attacker proxies into the proxy and scans the target server with that service, since he is now on the targets IP address, I think you understand what I'm getting at by now. nmap is made to find exploits, that is what this service is going to wind up being abused for (in most cases that i know). On 12/1/06, Dave Moore [EMAIL PROTECTED] wrote: On 12/1/06, Mike Huber [EMAIL PROTECTED] wrote: first of all, IANAL, but the TOS seem to cover the basics... However, I am unsure whether they would hold up under strict legal scrutiny. As far as I can tell, they may hold up under US criminal law, but not under civil law, as tort law has its own wonderful little eccentricities. The best safeguard they seem to have is that they must log the source IP of all scan requests... As far as I know, anyone who takes the time to read the nmap man page should be able to craft a scan which won't be detected by the scanned host (can someone be a definitive source on this point?), and anyone taking malicious action ought to be taking sufficient precautions to avoid detection anyway. None-the-less, my 8-ball sees litigation in their future. All nmap scans are detectable. All port scans are detectable. Just depends on how hard you're looking. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
How do you plan on dealing with all the abuse complaints you get hit with when people use your server to perform unauthorized scans of their networks? == David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia PA USA (215) 898-1236 http://www.upenn.edu/computing/security/ == Shadowserver Foundation Member http://www.shadowserver.org/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Matousek Sent: Tuesday, November 28, 2006 3:19 AM To: full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] Nmap Online Hello, For all Nmap fans, our group have implemented Nmap Online service. Its address is http://nmap-online.com/. The interface allows you to perform custom Nmap scans from our server with only a few limitations in the syntax. The service is free and can be used immediately, no registration is required. Please direct your questions and suggestions to our emails. Regards, -- David Matousek Founder and Chief Representative of Matousec - Transparent security http://www.matousec.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On 12/1/06, Jason Miller [EMAIL PROTECTED] wrote: I agree with Dave on this one. Dude Van, I thought it was illegal in the states..? Or am I mistaken? http://www.securityfocus.com/news/126 Also, think of this from the ISP's view, do they really want a service port scanning their users? And look at it this way, said target has a proxy server on it, attacker proxies into the proxy and scans the target server with that service, since he is now on the targets IP address, I think you understand what I'm getting at by now. nmap is made to find exploits, that is what this service is going to wind up being abused for (in most cases that i know). nmap is used to find open ports and fingerprint OS's. What you do with that info is up to you. Here is an example of what is legal vs what isnt: If you scan a machine with nmap from one machine, that is not illegal. If you run 100,00 nmap scans from a distributed botnet and take down their server, thats illegal. If your nmap scan tells you that port 80 is open and you run a nessus scan and find that they are vulnerable to a bug in their webserver is that illegal? I do know If you exploit that weakness and backdoor their machine, you just broke the law, but am unsure about nessus's legality on systems you dont have a get out of jail free card for or own. I have no doubt about nmap though. as long as you dont take down their servers with the scans, you are legit. -JP ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
Service unavailable. Please try again later. That was quick! Col. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
Maybe it got hacked? ...I wonder if someone probably didn't like all the portscans they got from it (thinks of Microsoft) and took it out? David. Col [EMAIL PROTECTED] 12/1/2006 7:48 am Service unavailable. Please try again later. That was quick! Col. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ __ Founded in Faith - Preserved with Pride - Sustained by Spirit __ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
We have set limits to prevent abusing of our service. Yes, one can still scan someone other's network, this is in violation with out Terms of Service. We log every attempt and we are ready to provide these logs to authorities. However, everyone who has Internet access is able to download Nmap and do similar scan. You can do nothing more with our service. There is no damage you can cause with our service even if it is abused. We believe that pros are more than cons here, that people will use our service to fix their issues on their firewalls and networks. -- David Matousek Founder and Chief Representative of Matousec - Transparent security http://www.matousec.com/ David Taylor wrote: How do you plan on dealing with all the abuse complaints you get hit with when people use your server to perform unauthorized scans of their networks? == David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia PA USA (215) 898-1236 http://www.upenn.edu/computing/security/ == Shadowserver Foundation Member http://www.shadowserver.org/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Matousek Sent: Tuesday, November 28, 2006 3:19 AM To: full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] Nmap Online Hello, For all Nmap fans, our group have implemented Nmap Online service. Its address is http://nmap-online.com/. The interface allows you to perform custom Nmap scans from our server with only a few limitations in the syntax. The service is free and can be used immediately, no registration is required. Please direct your questions and suggestions to our emails. Regards, ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
...I wonder if someone probably didn't like all the portscans they got from it (thinks of Microsoft) and took it out? David. Heck .. how to portscan Microsoft has been in the Nmap man page for ages (even in the help you get when you execute it without arguments) .. although it's not in the latest version (it was the -P0 option). It still has Microsoft as an example in usage though : Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254 ~Mike. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On 01 Dec 2006 08:31:11 -0800, Randal L. Schwartz merlyn@stonehenge.com wrote: Dude == Dude VanWinkle [EMAIL PROTECTED] writes: Dude On 12/1/06, Mike Huber [EMAIL PROTECTED] wrote: first of all, IANAL, but the TOS seem to cover the basics... Dude snip None-the-less, my 8-ball sees litigation in their future. Dude portscanning isnt illegal in the states If it can be argued as an unauthorized access, it's at least a misdemeanor in many states, felony in some. And you don't want to be on the wrong end of that prosecution. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 Its obvious that anyone who hires Stonehenge Consulting services is getting someone who cant read. I never said postscanning was illegal. i said it isnt illegal. I even provided a link to the case in georgia that helped decide this. -JPwho is amazed at who can charge $250/hr these days ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On 01 Dec 2006 08:33:00 -0800, Randal L. Schwartz merlyn@stonehenge.com wrote: Dude == Dude VanWinkle [EMAIL PROTECTED] writes: Dude Here is an example of what is legal vs what isnt: If you scan a Dude machine with nmap from one machine, that is not illegal. If you run Dude 100,00 nmap scans from a distributed botnet and take down their Dude server, thats illegal. It's clear you're not a lawyer, and anyone who takes your advice here would be a fool. But I just wanted to point that out again for the clueless. so if you are disagreeing with one of the above statements, then one of the following must be true in your opinion: you _can_ legally DoS someones server with 100,000 nmap scans or It is illegal to portscan learn to read buddy. -JP ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
Dude == Dude VanWinkle [EMAIL PROTECTED] writes: Dude On 12/1/06, Mike Huber [EMAIL PROTECTED] wrote: first of all, IANAL, but the TOS seem to cover the basics... Dude snip None-the-less, my 8-ball sees litigation in their future. Dude portscanning isnt illegal in the states If it can be argued as an unauthorized access, it's at least a misdemeanor in many states, felony in some. And you don't want to be on the wrong end of that prosecution. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 merlyn@stonehenge.com URL:http://www.stonehenge.com/merlyn/ Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
Dude == Dude VanWinkle [EMAIL PROTECTED] writes: Dude Here is an example of what is legal vs what isnt: If you scan a Dude machine with nmap from one machine, that is not illegal. If you run Dude 100,00 nmap scans from a distributed botnet and take down their Dude server, thats illegal. It's clear you're not a lawyer, and anyone who takes your advice here would be a fool. But I just wanted to point that out again for the clueless. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 merlyn@stonehenge.com URL:http://www.stonehenge.com/merlyn/ Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On 01 Dec 2006 08:54:23 -0800, Randal L. Schwartz merlyn@stonehenge.com wrote: Dude == Dude VanWinkle [EMAIL PROTECTED] writes: Dude Its obvious that anyone who hires Stonehenge Consulting services is Dude getting someone who cant read. I never said postscanning was illegal. Dude i said it isnt illegal. And I'm disagreeing with this. Why? Dude I even provided a link to the case in Dude georgia that helped decide this. If there's caselaw in Georgia, that's useful for Georgia, but certainly isn't referencable in the 49 other states. So you can't generalize that. So, you are disagreeing with Kevin who states: http://www.securityfocus.com/news/126 The ruling does not affect criminal applications of the anti-hacking law, but federal law enforcement officials are generally in agreement that port scanning is not a crime. Do you know of a case where someone was convicted due to a portscan? I can imagine that a portscan may be used in conjunction with other evidence to build a case for intent, but I have not heard of anyone being busted for an nmap scan. I was going to build the case, but it looks like someone has already done it for me: from:http://www.krcf.org/krcfhome/MINDS_NEWYORK/1MoC3e_d.htm snip Only one published opinion has considered the legality of port scans. That court held that such activity did not violate federal or state computer protection statues or other law. The federal district court for the Northern District of Georgia held that a party who conducted port scans of another party's computer systems did not violate the Computer Fraud and Abuse Act (18 U.S.C. s. 1030) [1], because he neither caused damaged nor gained access to the computers at issue. Moulton v. VC3, 2000 WL 3331091 at *6 (N.D. Ga., Nov. 7, 2000). Nor did the port scans violate state law, because they did not interfere with computer or network activity. References: [1] The Computer Fraud and Abuse Act: http://www.usdoj.gov:80/criminal/cybercrime/1030_new.html [2] Moulton v. VC3, 2000 WL 3331091 (N.D. Ga., Nov. 7, 2000) [3] Computer Crime and Intellectual Property Section, U.S. Department of Justice, Legislative Analysis of the 1996 National Information Infrastructure Protection Act: http://www.usdoj.gov:80/criminal/cybercrime/1030_anal.html [4] Computer Crime and Intellectual Property Section, U.S. Department of Justice, Field Guidance on New Authorities That Relate to Computer Crime and Electronic Evidence Enacted in the USA Patriot Act of 2001http://www.usdoj.gov:80/criminal/cybercrime/PatriotAct.htm --- So back to my earlier statement, if you nessus someones machine, that would impact their performance and be illegal, a single nmap scan, not so much. Now I am not saying that some hot-shot lawyer wouldnt be able to convince a judge to imprison someone for an nmap scan but while you may be able to convince a judge that OJ didnt do it, murder is still illegal -JP who has seen someone convicted of hacking from remote via evidence that was 192.168.x ip addresses in the logs ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On 01 Dec 2006 08:54:23 -0800, Randal L. Schwartz merlyn@stonehenge.com wrote: If there's caselaw in Georgia, that's useful for Georgia, but certainly isn't referencable in the 49 other states. actually, it is. it is called legal precedence ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
Dude == Dude VanWinkle [EMAIL PROTECTED] writes: Dude On 01 Dec 2006 08:54:23 -0800, Randal L. Schwartz merlyn@stonehenge.com wrote: If there's caselaw in Georgia, that's useful for Georgia, but certainly isn't referencable in the 49 other states. Dude actually, it is. it is called legal precedence It wasn't clear from your posting that you were talking about a federal case. In that case, yes, it's caselaw. However, if it was just Georgia state law, that would *not* create case law for any other state. By the way, caselaw and legal precedent are the same. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 merlyn@stonehenge.com URL:http://www.stonehenge.com/merlyn/ Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On 12/1/06, Randall M [EMAIL PROTECTED] wrote: [ [-- [ [Message: 11 [Date: Fri, 1 Dec 2006 06:48:38 -0500 [From: Dude VanWinkle [EMAIL PROTECTED] [Subject: Re: [Full-disclosure] Nmap Online [To: Mike Huber [EMAIL PROTECTED] [Cc: full-disclosure@lists.grok.org.uk [Message-ID: [ [EMAIL PROTECTED] [Content-Type: text/plain; charset=ISO-8859-1; format=flowed [ [On 12/1/06, Mike Huber [EMAIL PROTECTED] wrote: [ first of all, IANAL, but the TOS seem to cover the basics... [snip [ None-the-less, my 8-ball sees litigation in their future. [ [ [portscanning isnt illegal in the states [ [-JPwho really hopesIANAL has something to do with not being [a lawyer [ [ RandallMwondering if JP learned this from experience! -JPwho thinks getting screwed in the ass and hiring a lawyer are close enough so it dosnt matter what the acronym means ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On 01 Dec 2006 09:36:58 -0800, Randal L. Schwartz merlyn@stonehenge.com wrote: Dude == Dude VanWinkle [EMAIL PROTECTED] writes: Dude On 01 Dec 2006 08:54:23 -0800, Randal L. Schwartz merlyn@stonehenge.com wrote: If there's caselaw in Georgia, that's useful for Georgia, but certainly isn't referencable in the 49 other states. Dude actually, it is. it is called legal precedence It wasn't clear from your posting that you were talking about a federal case. well try reading the material I reference before saying that anyone who listens to me is a fool next time plz. In that case, yes, it's caselaw. However, if it was just Georgia state law, that would *not* create case law for any other state. By the way, caselaw and legal precedent are the same. thanks for the info, i learned something new today, which makes it a good day. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Nmap Online
On 12/1/06, Mike Huber [EMAIL PROTECTED] wrote: first of all, IANAL, but the TOS seem to cover the basics... However, I am unsure whether they would hold up under strict legal scrutiny. As far as I can tell, they may hold up under US criminal law, but not under civil law, as tort law has its own wonderful little eccentricities. The best safeguard they seem to have is that they must log the source IP of all scan requests... As far as I know, anyone who takes the time to read the nmap man page should be able to craft a scan which won't be detected by the scanned host (can someone be a definitive source on this point?), and anyone taking malicious action ought to be taking sufficient precautions to avoid detection anyway. None-the-less, my 8-ball sees litigation in their future. All nmap scans are detectable. All port scans are detectable. Just depends on how hard you're looking. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Nmap Online
Hello, For all Nmap fans, our group have implemented Nmap Online service. Its address is http://nmap-online.com/. The interface allows you to perform custom Nmap scans from our server with only a few limitations in the syntax. The service is free and can be used immediately, no registration is required. Please direct your questions and suggestions to our emails. Regards, -- David Matousek Founder and Chief Representative of Matousec - Transparent security http://www.matousec.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/