We are talking about three different issues: port scanning out to the
internet, port scanning from the internet, and port scanning a local
network.

Here is a common policy used among three employers that I know:

If you port scan out to the internet you will get reprimanded. Getting port
scanned from the internet is a (protected) risk but legal. Port scanning
a local network by personnel responsible for the network is correct and
justified as long as it is approved by management (let them know what
you're doing so they will not be blindsided by an employee who just
installed Norton and is telling them you are probing their system); port
scanning without permission will get you reprimanded. Port scanning the
local network by someone who isn't responsible for the network will get
them reprimanded.

Port scanning used on unknown hosts is a threatening activity. You are
searching for services. Your reasoning may be noble but it will get you
into trouble.

Good word on software policy. Most software policies strictly state
that you are not allowed to install software that has not been approved
(including port scanning software). So if you are approved to install
port scanning software, this doesn't mean that you're approved to use it on
certain hosts.

It is well known that IT departments are expected to use tools to verify
the stability of the network.

If you work for a small mom and pop shop where there is no IT
department, it is still a requirement to let the owners know what you're
doing, so when they get a call from an ISP saying you're port scanning,
they can defend you.

--Travis


> Wrong. This only happens when there are faceless bureaucracies setting
> silly blanket policies. In the last three jobs I've had, I would've been
> negligent if I had *not* portscanned machines of my company, my coworkers,
> our servers, and servers of potential partners on my own initiative. And I
> don't have a network security job -- the companies I deal with don't have
> big security groups and they need all the help they can get to keep their
> networks secure.
> 
> Aside from that, portscanning is *not* a threatening activity. Hooking up
> to the network means you accept incoming traffic and are allowed to send
> outgoing traffic as part of the bargain. If you don't want any incoming
> traffic, then tell your firewall that, don't complain to people whose
> activities follow the software policy you implicitly set up.

____________________
BYU Unix Users Group 
http://uug.byu.edu/ 
___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list