This topic contains 1 reply, has 2 voices, and was last updated by wxildcat 1 month, 2 weeks ago.
- January 21, 2021 at 11:44 am #354154
We have a task of scaning the entire internet (IPv4) and finding hosts with specific port(s). Now, we’re wondering what’s your experience with scanning? How providers, government agencies and other institutions react when your packets start flooding their networks? What are potential consequences (personal or to our server)? Which providers tolerate scanning from their networks (AWS, OVH,..)? We did some country based scans before, but nothing on this scale. P.S. it would be great if someone has an up-to-date “Do Not Scan” CIDR list to share 🙂
- January 21, 2021 at 11:44 am #354155
- January 21, 2021 at 11:44 am #354156
- January 21, 2021 at 11:44 am #354157
Very grey area, if you don’t have permission from the owner of the infrastructure step back and walk away. It’s not worth landing yourself in hot water or worse
For me to even think about scanning a client’s network, I need a contract signed by both parties for permission, scanning can only take place from a specific public IP range and sometimes only at specific times. I’m in the UK so laws may differ elsewhere
Edit: If you do go ahead stay the hell away from government and law enforcement
- January 21, 2021 at 11:44 am #354158
Try dorks if it counts
- January 21, 2021 at 11:44 am #354159
Not sure how helpful this is, but in legal terms port scanning tends to be referred to as “enumeration,” perhaps that gives you another keyword to use when searching EULAs, government policies and laws in your jurisdiction.
- January 21, 2021 at 11:44 am #354160
https://nmap.org/book/legal-issues.html has some info
- January 21, 2021 at 11:44 am #354161
Wouldnt recommend at all.
port scanning is illegal in some states.
- January 21, 2021 at 11:44 am #354162
I have a task, it is counting to 4,000,000,000,000. What number should I start with 0 or 1.
You must be logged in to reply to this topic.