New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Is there a server that supports scanning?
This discussion has been closed.
Comments
this is called valuation, honor....
Nobody can earn the "power" of insult other people.
By the way i'm closing that discussion now.
Have nice sunday.
is not cost effective to co locate scanner with server.... i tried
@matteob so you're ignoring the merits again (my post) and going back to emotional arguments? I know it's easier, but then
No @Clouvider i just ignore you because i expressed my opinion. If you allow scanners in your network is your decision and i'm not interested on it.
As said in other conversation i not talk about competitors and you should do the same. (like the post on ovh employee did some days ago).
But i repeat is only my business idea, if you have other one, i respect it.
Have nice sunday
My apologies for the FBI thing. I am an asshole from time to time and could not resist.
However, where is the link to a law that declares port scanning as illegal? It can be an italian one! No problem. But show me one!
Again: I fully understand that port scanning is nothing a provider or server owner likes too much. But is it forbidden, as you say? You owe me some proof for it if you shout around like this:
I don't like people scanning the ports of my servers, too. If someone randomly knocks on the doors of my house, then I will probably get angry. But if he does not do this on a daily basis and if he does not violate any law to get close to my doors, because they are reachable from public ground, then there is not much I can do.
Thank you i appreciate this.
The EU Regulamentation say that port scanning is illegal when there is a connection try to the remote host without explicit authorization. This is a grey zone. So, what is a "connection try?". I mean if you scan port 80 to check if is open, is like any normal tcp connection and you're not infranging any laws.
If you scan for find vulnerabilities or malware or similar this is considered "computer crime" except for countries that not have computer crimes in their law regulations and authorized security companies, usually governative, that generate reports.
And this is the laws part. Now ISP parts:
For ISP & Telcos is hard (very hard) monitor why you're scanning, so is common practice to block every request and authorize case by case.
For example, we have C.S.I. in our network, that is governative entity that do similar job and have special authorization.
Definitely scanning is a grey part of regulamentation and to keep ips reputation clean and internet little more safe is common for trusted companies and telcos prohibit it and authorize only few entities.
Scanning for let users should always be considered illegal, because, be honest, who ask server to scan on this forum, 99% of times is to find vulnerabilites to create botnet.
Now we are getting closer. It is a grey zone, it might be ugly and it can be suspicious. It might even be a punishable offense, depending on the way of scanning and what happens afterwards. But just scanning the net for (let's say) servers running with port 21 open is not scanning for vulnerabilities per se. It's just annoying, like children pressing your door bell. Can we agree on this and have a nice rest of the Sunday?
i think we're saying same thing and are replying, but are on the same part. Yes if you check only if port is open you not do any law infrangements, but how many here do this?
No, We don't allow scanners on our network. I think you have serious problem understanding term 'legal' mate. Stop trying to spin it so it suits your narrative.
No, you're contesting legality, these are two completely different things.
And likewise.
Which legislation exactly, please?
See you keep telling stuff, and contest stuff passionately. You're called out on being sloppy at best with your research. Instead of proving someone wrong with the actual data, like for example I have referred to Computer Misuse Act 1990 in the UK, you choose to go into emotional discussion to defend your point of view without any actual merit, and you continue to do so after I've called you out like 3 times on it already, among others.
I get it, you passionately hate your network being scanned. Me too. It doesn't make it any more illegal.
So until you actually provide any solid evidence to the contrary please follow your own advice and
I can throw some more merit into the discussion. Even Wikipedia says https://en.wikipedia.org/wiki/Port_scanner#Legal_implications
Which proves my point about intent. If you follow my DIY interpretation, Example: port scanning as an act is legal. Scanning for research is legal. Scanning for potential victims in order to hack them or turn them into a zombie is not legal, as a general rule of thumb.
This has nothing to do with the civil law / contract law between a hosting company and their Customers which permits or prohibits using services for certain actions, which I feel that you're mixing up with the actual law introduced as an Act of the Parlament.
Read my post please. If i call "grey zone", this mean that regulamentations need to be interpret.
To stay on UK (that i'm not expert as i know better IT that is learned by EU regulamentations) check what i said:
This mean that if you scan to see if port 80 is OPEN this is agreed because is a normal tcp connection.
BUT
If you scan for a possible sql injection on port 80 this is considered unauthorised access and you're punished (on UK for example) with 12 months/maximum fine.
This is what Computer Misuse Act 1990 report:
__ unauthorised access with intent to commit or facilitate commission of further offences, punishable by 12 months/maximum fine (or 6 months in Scotland) on summary conviction and/or 5 years/fine on indictment;[9] __
So i repeat
Scanning for let users should always be considered illegal, because, be honest, who ask server to scan on this forum, 99% of times is to find vulnerabilites. and an authorized company not need to ask server on the LET because they have proper networks and every ip ranges are authorized and high monitored from third party to avoid that unmonitored company can do abuses
Great, but this is not port scanning any more, is it ? We're not discussing that. We're discussing port scanning @matteob, as per your own post:
I beg to differ.
Great, so you'll agree with me that INTENT is the most important part in this ? And that the actual port scanning is legal ? And is only illegal if you intent to : "commit or facilitate commission of further offences" as per what you've cited here from the link I gave you before?
Ehh. Ok, show me a legislation that differentiate between LET users and other users in that matter ?
I dis just an example, for example you can scan for open netbios or ldap services. These are example of PORT scanning and all we know why someone search these ports.
There are tons of example.
For LET check the users base and the reason why they do port scan and you will get the reply. But is not only on LET
You are arguing about grey zones and if there is a clear law that prohibit port scanning. You forgot something: law is not a static thing (there are daily regulations in all over the world) and there are courts that can decide if a grey area in a particular case is, in fact, leading to brake the law or not.
What I am saying is this:
Port scanning is not illegal itself, but the majority of actions that are usually following port scanning are. So, let's say I am a hosting provider and I get a lot of port scanning from a network. I could sue the one that does that, with argument that he has no other intention than, let's say, hack my infrastructure.
We will go to court and I have to present my arguments about the danger I face. He, on the other side, has to explain why did he scanned ports of my network and, maybe, prove that his intentions was not malicious.
So, the court may -or not- decide against him because he couldn't -or could- prove that his intentions were clear and legit.
And, in some cases, the decision of the court could act as a law in the future (concept of res judicata).
TL'DR Laws are not covering every single aspect of our being. And some of them are abandoned while some of them added every day. Grey areas of acts can be or not illegal and, when there is not a clear law, courts can decide about them.
Eh, waste of time discussing with you @matteob. You just can't admit that you're not right no matter how thoroughly it's proved to you. You spin stuff around and jump from port scanning to contract law then hacking and now to some various examples that have nothing to do with the actual matter at hand.
I'm out of here. Time to do something more productive ;-).
I guess the whole thread will lead to nowhere. The OP will not find the requested information here and we are spinning in circles. Let's all have a great rest of the Sunday. One Love, folks!