Hi

This might come as a total noob question but I always wonder how does one scan the internet, I mean like I was  reading the book "KingPin" abt max Butler where he finds a vulnerability in VNC installations and uses some thing called as Port Sweeping to scan the Internet for victims, he even gets into some high security networks.. So I was wondering how can one scan computers out side his network.

Yeah, I do know that it's illegal to scan with out permission. Actually I got my BT5 copy installed today, so I am figuring out how every scanner works .
Thanks for the reply

<nod> towards sil's post.  I've been in a lot of discussions, where I've had to argue the same point.  sil's right.  Sometimes, you still have to debate whether or not your actions might cause you other headaches, but they definitely aren't 'illegal'

There is a fine line on this topic (scanning) between morals and ethics nothing more. While some may choose to believe it is illegal to do so, it is not and has never been. Do not be fooled into thinking you can just run amok and portscan, network admins and engineers don't like it so for example, if someone did so from network and they had no permission, there would be hell to pay if I say an email stating someone was scanning without permission. In that case, what is to stop someone from going the extra mile.

Scanning can be a nuisance. It can and usually will trigger alerts which become costly. Remember someone has to usually analyze what is going on when these events occur. This costs money and takes away time from someone's normal duties. So it is an unappreciated and usually unwelcomed thing to do.

And as tturner points out it is ALWAYS better to have permission

I had been wondering this myself.  Thanks for the discussion.

Actually just yesterday I had to find out what OS a customer machine was running without having any access other than I knew I could ping it.  Nmap saved the day.  However when I did it, I had a strange feeling like, "I wonder if this is throwing up any alerts?"

Comming back to the point of scanning, yep I use a lot nmap to sweep ping  our new customers networks.

Also I need access to some devices and you type: http://1.1.1.1/ but you cannot access, run nmap and got the communication port, etc, etc.

Two days ago i discover a customer that had 3 ports open to internet, using nmap, come on, I LOVE IT