This topic contains 1 reply, has 2 voices, and was last updated by 
- Posts
We have a task of scaning the entire internet (IPv4) and finding hosts with specific port(s). Now, we’re wondering what’s your experience with scanning? How providers, government agencies and other institutions react when your packets start flooding their networks? What are potential consequences (personal or to our server)? Which providers tolerate scanning from their networks (AWS, OVH,..)? We did some country based scans before, but nothing on this scale. P.S. it would be great if someone has an up-to-date “Do Not Scan” CIDR list to share 🙂
wxildcatShodan.io
DrinkMoreCodeMoremasscan ftw
blurry_face-Very grey area, if you don’t have permission from the owner of the infrastructure step back and walk away. It’s not worth landing yourself in hot water or worse
For me to even think about scanning a client’s network, I need a contract signed by both parties for permission, scanning can only take place from a specific public IP range and sometimes only at specific times. I’m in the UK so laws may differ elsewhere
Edit: If you do go ahead stay the hell away from government and law enforcement
bjjfanboyTry dorks if it counts
sleepless_iNot sure how helpful this is, but in legal terms port scanning tends to be referred to as “enumeration,” perhaps that gives you another keyword to use when searching EULAs, government policies and laws in your jurisdiction.
ben247x1https://nmap.org/book/legal-issues.html has some info
visually_coolWouldnt recommend at all.
port scanning is illegal in some states.
sixminutemileI have a task, it is counting to 4,000,000,000,000. What number should I start with 0 or 1.
You must be logged in to reply to this topic.
Comments