i wanted to start testing my knowladge and what i have learned so far. I have a lab set up consisting of a 2003 server, a couple of os's in vmware and a xp and linux box. i wanted to test even further, so i loaded small business server 2003 on a machine. i am going to set this machine up at my buddys house and go to work from my house. He connects to the internet through a comcast modem, which i will be scanning. Since i have permission i assume everything is fine. Is this something i should notify comcast about beforehand, or should he

Thanks
pjayes

What is that assumption based on? That his friend gave permission?

He may be allowed to attack the systems in the lab but that does not answer the question of using the Comcast network to do so. More than likely they won't care about the scanning traffic but, pjayes, you might want to read the Comcast Terms of Service if you're that concerned about the legality of what you're doing.

Most internet providers expressly forbid putting up servers or services of any kind unless you have a contract with them for business internet access. Any scanning, etc.. is also usually forbidden.

Take a look at the terms and decide for yourself: http://www6.comcast.net/terms/use/

Everyone has likely 'broken' those terms at some point.

dean

Something that you may take away from Dean's comments is that it may actually get your friend in trouble if he is hosting a server on a residential account.

Secondly, a lot of ISPs now have some filters to prevent common attacks and some bandwidth intensive uses like torrent sharing. The corporate accounts are not filtered with the expectation that the company will be in charge of what is allowed and what is not. So doing pen tests from or to a residential account may affect the results of a pen test.

Don

Thats a good point Don. Im real glad i asked before i went ahead and did anything. I think i will stick to my lab, soon enough i hope i will be doing this as a career, i think i can wait till then, thanks for all the advice everyone.

pjayes