Does use on NMAP and other port scanners illigal ..?

This topic contains 14 replies, has 11 voices, and was last updated by  jason 9 years, 10 months ago.

  • Author
    Posts
  • #4482
     rahulr 
    Participant

    I want to desperately try out tools like nmap and teresse (i hope i have spelled it right) in my network but just want to make sure that use of these tools dont put me into trouble ?

  • #28132
     KrisTeason 
    Participant

    I wouldn’t say it’s illegal necessarily, it’d depend on your ISP and their policy. For the most part I’d say port scanning your own network won’t get you into trouble, scanning others isn’t recommended.

    Source:
    Is Port Scanning Illegal?
    http://answers.yahoo.com

  • #28133
     Trujillo1 
    Participant

    no these tools are both used by ethical hackers n crackers, crackers use these tools to brake in….now ethical hackers can use these same tool also to break in there own networks by doing this they can find out where the weak point in there networks r and that way they can find a way to better secure them selves. so no these tools are not illigal, u gota think like a hacker to stop a hacker

  • #28134
     Ignatius 
    Participant

    I suppose it’s similar to the question:

    “Is a kitchen knife illegal?”

    If it’s used in the kitchen to prepare food, I’d say not but if it’s taken outside into the street or on public transport (not in a case or wrapped in protective material etc), I’d say that the Police would be correct to take the person aside and ask some detailed questions about why they have the knife in a public place without protection.

    Surely it’s related to the circumstances?

  • #28135
     Data_Raid 
    Participant

    Using the tools on a network/device that you do not own will probably be considered illegal, no matter how innocent and helpful you plan to be. It’s similar to walking up to a house that you don’t own and check to see if the doors and windows are locked. You could claim that you were checking the doors to make sure that they were locked so that you could “protect” the house and contents, but if the police saw you doing this you’d probably be arrested for attempted burglary.

    Using the tools is not a crime, but it depends when and how the tools are used. If you plan to scan devices at work make sure that you ask permission from the relevant people first otherwise you’ll be perceived as a criminal and probably treated as such with the possibility of losing your job.

  • #28136
     Kev 
    Participant

    Simple nmap scans are not illegal.  However, if you caused a server to crash you might be held responsible for damages.  Most ISPs look down on it and if you are caught scanning, will freeze your service until you give them a good explanation.  My ISP has a 3 times caught and you’re out policy. They have the right to refuse service to whomever they deem undesirable.  So while you probably wont have the FBI banging down your door, loosing your high speed internet connection would blow.

  • #28137
     rvs 
    Participant

    If you are the admin and you have the privileges to execute such thing then go do it. Check on your policy and procedures and consult your superior I am sure you might get a bad impression with this one. They always think such things are mischievous or doubt. You see its a tool to scan available ports/service. as my friend told me”do no sh** on where you sleep”. Be very cautious on such actions another thing I learn lolz. I always get in trouble on my childhood days… “ignorance is not an excuse”.

  • #28138
     timmedin 
    Participant

    If you are scanning your internal systems, GET WRITTEN PERMISSION!

    The tool isn’t illegal, except maybe in Germany. Anyone know the details of the German law?

  • #28139
     3PIL0GU3 
    Participant

    It’s an interesting question because many of these tools such as Nessus, GFILanguard NMAP and even Metasploit are excellent tools for Network Troubleshooting and correcting flaws in organisational security by administrators.It’s not the tools that should be illegal but the user’s behind the tools who utilise them against their intended use. 

  • #28140
     unsupported 
    Participant

    @timmedin wrote:

    If you are scanning your internal systems, GET WRITTEN PERMISSION!

    The tool isn’t illegal, except maybe in Germany. Anyone know the details of the German law?

    I have not verified this, but it is my understanding that German laws have been rewritten to include a ban on EVIL and that it is not illegal to use hacking tools for research.

  • #28141
     rahulr 
    Participant

    Well i am not a

    Admin
    Network Security Specialist
    Holding a Job
    or wat ever u could think of.

    I am just a student and a network security enthusiast who loves to play around with these tools , but at the same time be sure that i am not damaging others by doing so.
    I primariyl asked this question cuz i wanted to demostrate and learn the usage of these tools .
    Is there any way i can do that ?
    I can arrange for hardware ( 2 laptops or so..)

  • #28142
     jason 
    Participant

    Build yourself a small LAN that’s con connected to anything and go crazy. Better yet, set up something virtualized. There are endless articles on how to set up labs like this for security testing, including a few here.

  • #28143
     3PIL0GU3 
    Participant

    All excellent in theory prob is when you apply for a job and say that you have experience doing this it doesn’t count as industry experience as i’ve learned

  • #28144
     Data_Raid 
    Participant

    @rahulr wrote:

    Well i am not a

    Admin
    Network Security Specialist
    Holding a Job
    or wat ever u could think of.

    I am just a student and a network security enthusiast who loves to play around with these tools , but at the same time be sure that i am not damaging others by doing so.
    I primariyl asked this question cuz i wanted to demostrate and learn the usage of these tools .
    Is there any way i can do that ?
    I can arrange for hardware ( 2 laptops or so..)

    Understable, and the temptation to use the tools is great. BUT like myself and most people have already mentioned above it could be viewed suspiciously if you’re scanning devices on a network that you don’t own. I would like to think and hope that most admins of educational institutions are security aware and have implemented the necessary methods to prevent students from gaining unauthorized access to the systems. Your innocent nmap scans can be viewed as you wanting to access a system to change your exam results  🙂

    As Jason suggested, build yourself a test lab and have fun. I use VMWare Server, it’s free and available from: http://downloads.vmware.com/d/info/datacenter_downloads/vmware_server/2_0 the link is for version 2.x of VMWare Server, the licenses (required) will be available once you download the software.

    Good luck!

  • #28145
     jason 
    Participant

    @3pil0gu3 wrote:

    All excellent in theory prob is when you apply for a job and say that you have experience doing this it doesn’t count as industry experience as i’ve learned

    True, but if you happen to get to an interview, you’ll be miles ahead of the guy that look at them with a blank stare when they ask him what he knows about nmap.

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?