.

How does one can do port sweeping...

<<

hurtl0cker

User avatar

Jr. Member
Jr. Member

Posts: 73

Joined: Thu Nov 18, 2010 10:09 am

Location: WWW

Post Thu Jul 28, 2011 8:45 am

How does one can do port sweeping...

Hi

This might come as a total noob question but I always wonder how does one scan the internet, I mean like I was  reading the book "KingPin" abt max Butler where he finds a vulnerability in VNC installations and uses some thing called as Port Sweeping to scan the Internet for victims, he even gets into some high security networks.. So I was wondering how can one scan computers out side his network.
Last edited by hurtl0cker on Thu Jul 28, 2011 8:59 am, edited 1 time in total.
“Knowing is not enough; we must apply. Willing is not enough: we must do.”
- Bruce Lee
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Thu Jul 28, 2011 9:12 am

Re: How does one can do port sweeping...

nmap, unicornscan or any port scanner. FYI it's illegal to scan systems you don't have permission to scan, or own.
<<

hurtl0cker

User avatar

Jr. Member
Jr. Member

Posts: 73

Joined: Thu Nov 18, 2010 10:09 am

Location: WWW

Post Thu Jul 28, 2011 9:31 am

Re: How does one can do port sweeping...

Yeah, I do know that it's illegal to scan with out permission. Actually I got my BT5 copy installed today, so I am figuring out how every scanner works :) .
Thanks for the reply
“Knowing is not enough; we must apply. Willing is not enough: we must do.”
- Bruce Lee
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Thu Jul 28, 2011 9:40 am

Re: How does one can do port sweeping...

cd1zz wrote:nmap, unicornscan or any port scanner. FYI it's illegal to scan systems you don't have permission to scan, or own.


Technically you're wrong. While its not ethical to scan someone it is not illegal. (http://nmap.org/book/legal-issues.html) I can attest to firsthand accounts of being on a federal trial which concurred that although unethical, there is nothing illegal about it. There is not one USC that anyone can point to that would attest to it being illegal. Unethical, maybe, illegal, not
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1695

Joined: Mon Jan 29, 2007 2:59 pm

Post Thu Jul 28, 2011 9:46 am

Re: How does one can do port sweeping...

<nod> towards sil's post.  I've been in a lot of discussions, where I've had to argue the same point.  sil's right.  Sometimes, you still have to debate whether or not your actions might cause you other headaches, but they definitely aren't 'illegal'
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Thu Jul 28, 2011 9:57 am

Re: How does one can do port sweeping...

This does not extend to vulnerability scanners AFAIK. Many vuln scanners check for things like default passwords and then login and enumerate installed software, users, etc. That would be illegal. You may find that certain Nmap NSE scripts cross the line here as well so be mindful as the lines are constantly being blurred here, especially with regards to Nmap.

The laws are not very mature here defining what is and what is not OK. I would be very careful about doing anything without permission as you may find yourself involved in a case that sets precedent for new case law. Lucky you. Also if by your actions you cause quantifiable damage to a network you may also open yourself up to civil suits even if you are not charged with criminal action.

Always Get Permission!
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Thu Jul 28, 2011 9:59 am

Re: How does one can do port sweeping...

hayabusa wrote:<nod> towards sil's post.  I've been in a lot of discussions, where I've had to argue the same point.  sil's right.  Sometimes, you still have to debate whether or not your actions might cause you other headaches, but they definitely aren't 'illegal'


There is a fine line on this topic (scanning) between morals and ethics nothing more. While some may choose to believe it is illegal to do so, it is not and has never been. Do not be fooled into thinking you can just run amok and portscan, network admins and engineers don't like it so for example, if someone did so from network and they had no permission, there would be hell to pay if I say an email stating someone was scanning without permission. In that case, what is to stop someone from going the extra mile.

Scanning can be a nuisance. It can and usually will trigger alerts which become costly. Remember someone has to usually analyze what is going on when these events occur. This costs money and takes away time from someone's normal duties. So it is an unappreciated and usually unwelcomed thing to do.

And as tturner points out it is ALWAYS better to have permission
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Thu Jul 28, 2011 10:10 am

Re: How does one can do port sweeping...

@sil that's not totally true. Depends where you live per the article you posted.
<<

yatz

Full Member
Full Member

Posts: 222

Joined: Tue May 25, 2010 2:58 pm

Post Thu Jul 28, 2011 10:38 am

Re: How does one can do port sweeping...

I had been wondering this myself.  Thanks for the discussion.

Actually just yesterday I had to find out what OS a customer machine was running without having any access other than I knew I could ping it.  Nmap saved the day.  However when I did it, I had a strange feeling like, "I wonder if this is throwing up any alerts?"
"Live as though you would die tomorrow, learn as though you would live forever."

CCNA, MCSA, MCTS, Sec+, Net+, Linux+, CEH
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1695

Joined: Mon Jan 29, 2007 2:59 pm

Post Thu Jul 28, 2011 6:19 pm

Re: How does one can do port sweeping...

@sil -that's EXACTLY what I meant by debating the 'other' headaches you might get.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

impelse

Hero Member
Hero Member

Posts: 619

Joined: Mon Feb 16, 2009 3:40 pm

Post Thu Jul 28, 2011 9:11 pm

Re: How does one can do port sweeping...

Comming back to the point of scanning, yep I use a lot nmap to sweep ping  our new customers networks.

Also I need access to some devices and you type: http://1.1.1.1/ but you cannot access, run nmap and got the communication port, etc, etc.

Two days ago i discover a customer that had 3 ports open to internet, using nmap, come on, I LOVE IT
CCNA, Security+, 70-290, 70-291
CCNA Security
CEH
Online Pentest lab: http://www.thehost1.com/
Blog: http://blog.thehost1.com/

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 2 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software