Any firewall experts ???

KDS

ULTIMATE Member
Hi, I got an IP address of a firewall/proxy. How do I find out which ports are blocked and which ports are open (from outside the network, say my home)?

Is it illegal to do that? Meaning I don't want to get into trouble. Please, anyone help.
 
This isn't exactly what you asked for, but may be of use.
If you are *inside* the network, pointing your browser at
https://grc.com/x/ne.dll?bh0bkyd2
& doing "test my shields" and "probe my ports" should scan your firewall & report any interesting holes (I doubt there'll be any). It's not a definitive scan, but it makes interesting reading if you run it from a PC with no firewall:)
Note that your firewall will probably notice grc scanning you & presumably log the fact that it happened.
Note also that like it says, you gotta make sure it's scanning the right IP; afaik if you just click "test shields" it scans the IP it sees the scan request coming from, which I'd assume is what you want; when I run that "IP agent" thingy it just reports my LAN IP, which is useless:/
Re legality, I know nothing certain about legal consequences, but AFAIK *any* attempt to gain unauthorized access to any system is illegal.
 
If you're trying to scan an external IP (i.e. not your own computer) then you'll probably need a port scanning program.
Try searching on www.downloads.com or www.yahoo.com for "port scanner".

I don't think scanning ports is illegal, as long as you're not going to do anything nasty to them once you've found open ports.

[ 09-08-2002, 12:19 PM: Message edited by: Dac ]
 
I'm not on the network, I have to do it from outside. :(

Anyway, thanks for the help, 5thWheel.

I'm sure someone here will know the answer :)
 
Originally posted by KDS:
>> Hi, I got an IP address of a firewall/proxy. How do I find out which ports are blocked and which ports are open (from outside the network, say my home)?
Is it illegal to do that? Meaning I don't want to get into trouble. Please, anyone help. <<

Why do you need to know?
 
Thanks Dac, I'll try that.

Yac my mate is having difficulty uploading files to an FTP server from her network, that's why I want to check that firewall, what's blocked and what's not blocked.
 
lol, ok, well I wasn't going to mention downloading of portscanners specifically, but since someone already has, the one I use is:
nmap
avail from
http://www.insecure.org/nmap/nmap_download.html

note, re "I don't think scanning ports is illegal, as long as you're not going to do anything nasty to them once you've found open ports.", although as I said I have no legal knowledge myself, we were briefed at work that
"any attempt to gain unauthorised access to a remote machine is illegal": presumably connecting to a port on a remote machine is "gaining access" to that machine; but if your friend has said it's ok I guess you're authorised...
 
Be very careful who/what you scan; some people run revenge modes and if scanned can send some nasty things back :(
 
Thanks 5thWheel, I think that's cool software. Bit hard to use I think (reading the help files at the moment)

davidessex, I'm gonna spoof my IP address :)
 
Um, why do you need to spoof your IP if you are scanning a friend's firewall?
& regardless of whether you spoof your IP, your ISP will know you are portscanning & presumably have your phone number...
 
All sounds a bit dodgy if you ask me....... I don't quite understand why you want to run a port scan when the problem you're having is with uploading files onto an ftp..?

What happens when you try to connect to the ftp? Do you get a connected socket? Does it time out? Does it refuse the connection completely?

Let me know,

Ali.
 
Well, it all sounded a lot dodgy to me from the beginning (is why I initially posted grc instead), but whatever. If you got probs FTPing,
http://www.smartftp.com/
^^^ generates a log as it goes along, so you can easily see where problems lie.
 
No, I won't do anything dodgy. I said to spoof 'coz davidessex said it might send some nasty things back (to be on the safe side)

Hey, I'll try to tell her to try http://www.smartftp.com/ I haven't got enough info, Ali, otherwise I would have answered your question.

Thanks
 
Yeah, some people send nasty things back but in return your firewall should stop anything that people send back to you in return.
P.S. What firewall ARE you using?
Why don't you give someone here your IP and get them to scan it? Better to get someone here to do it than have huge holes in your firewall for any script kiddie to exploit.
 
I'll send you a card KDS, when you find out which jail they're sending you to ;) .
 
Originally posted by crashandburn:
>> I'll send you a card KDS, when you find out which jail they're sending you to ;) . <<

Hey I will say who my leader. ;)
 
Originally posted by Dac:
>> I don't think scanning ports is illegal, as long as you're not going to do anything nasty to them once you've found open ports. <<

That one is a matter of some dispute. My own view is that scanning ports when not authorised to do so by the other party is a Section 1 Computer Misuse Act offence if you were aware that you did not have authority.

If you ever have any doubts then consult this document - http://www.hmso.gov.uk/acts/acts1990/Ukpga_19900018_en_1.htm

Section 1 basically makes it illegal to access any data or programs on a computer that you do not have the authority to do so. There is no mention of intent to commit any other offence. The act of connecting "unauthorised" is an offence.

So if you used a program like Superscan that does a TCP "connect" scan then you may have committed an offence by having secured access i.e. connected. The difficulty comes with more sophisticated scanning tools such as NMAP which can do "half-open" scans. With these you send a packet, the other end responds but you don't complete the connection. In my view this cannot be an offence since access wasn't "secured" i.e. established. But this is just my view - it is a bit of a grey area!

Section 2 refers to securing access to commit a further offence. There has to be proven intent to commit a further offence as a result of unauthorised access.

Section 3 then refers to the modification of data, programs, etc. This is the most serious! So if you want to upload that copy of your favourite trojan then you could be looking at 5 years and a big fine buddy!

Of course, the above summary is much simplified. Read the Act - there are lots of ways of interpreting it and it is badly in need of an update to bring it into the 21st century.

I hope that helps.

Regards
Emeric Miszti
http://www.uksecurityonline.com
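
The connect versus "half-open" distinction drawn in the post above, seen from the scanned side. This is an added example, not part of the thread; the packet records, addresses and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed records as a capture on the scanned host might show them:
# (source, port, direction, TCP flags). S=SYN, A=ACK, R=RST. RFC 5737 addresses.
PACKETS = [
    # 192.0.2.10: connect scan, handshake completed on open ports 21 and 80
    ("192.0.2.10", 21, "in", "S"), ("192.0.2.10", 21, "out", "SA"),
    ("192.0.2.10", 21, "in", "A"), ("192.0.2.10", 21, "in", "RA"),
    ("192.0.2.10", 80, "in", "S"), ("192.0.2.10", 80, "out", "SA"),
    ("192.0.2.10", 80, "in", "A"), ("192.0.2.10", 80, "in", "RA"),
    ("192.0.2.10", 139, "in", "S"), ("192.0.2.10", 139, "out", "RA"),
    # 198.51.100.7: half-open scan, SYN/ACK answered with RST, never ACKed
    ("198.51.100.7", 21, "in", "S"), ("198.51.100.7", 21, "out", "SA"),
    ("198.51.100.7", 21, "in", "R"),
    ("198.51.100.7", 80, "in", "S"), ("198.51.100.7", 80, "out", "SA"),
    ("198.51.100.7", 80, "in", "R"),
    ("198.51.100.7", 139, "in", "S"), ("198.51.100.7", 139, "out", "RA"),
    # 203.0.113.5: an ordinary FTP client, one connection to port 21
    ("203.0.113.5", 21, "in", "S"), ("203.0.113.5", 21, "out", "SA"),
    ("203.0.113.5", 21, "in", "A"),
]

def classify(flags_in, flags_out):
    """Label one source/port conversation from the flags each side sent."""
    if "SA" not in flags_out:            # server never offered a connection
        return "closed" if any("R" in f for f in flags_out) else "no-reply"
    if "A" in flags_in:                  # client ACKed: connection established
        return "connect"
    # client reset instead of ACKing the SYN/ACK: never established
    return "half-open" if any("R" in f for f in flags_in) else "incomplete"

def summarise(packets):
    """Return {source: {label: [ports]}} for every conversation seen."""
    convs = defaultdict(lambda: ([], []))
    for src, port, direction, flags in packets:
        convs[(src, port)][0 if direction == "in" else 1].append(flags)
    report = defaultdict(lambda: defaultdict(list))
    for (src, port), (f_in, f_out) in convs.items():
        report[src][classify(f_in, f_out)].append(port)
    return {src: dict(labels) for src, labels in report.items()}

def suspected_scanners(report, min_ports=3):
    """Sources that touched at least min_ports ports, with the technique seen."""
    return {src: next((t for t in ("half-open", "connect") if t in labels), "unknown")
            for src, labels in report.items()
            if sum(len(p) for p in labels.values()) >= min_ports}

if __name__ == "__main__":
    print(suspected_scanners(summarise(PACKETS)))
```

A service that only logs accepted connections records the first source and the FTP client but not the second; the half-open probes are visible only at the packet level, as here.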
 
Nicely put sir, which is why I bundle persistent scanners' addresses and send to abuse@ with the item you mention, as many ***ISPs*** do not stop such activity.

M.
 
>> ..."half-open" scans ...you send a packet, the other end responds but you don't complete the connection. In my view this cannot be an offence since access wasn't "secured" i.e. established. But this is just my view - it is a bit of a grey area! <<

mmm, I agree legalese = confusing!
IMO, even these "half-open" thingys would constitute an offense tho: aren't you still causing your computer to access a program on the target machine: the "program" that handles incoming connections (or whatever, excuse if I talk nonsense, networking not my speciality). IMO it wouldn't matter that you haven't fully established a connection, you are still exchanging data with a program on a remote PC, which would fulfil 1(1)(a).

& re DJToltec asking KDS "Why don't you give someone here your IP": afaik this msgboard logs & timestamps everyone's IP, so ISPr staff/ admins presumably got his number at least:)
 
>> aren't you still causing your computer to access a program on the target machine<<

The problems come with the whole authorised/unauthorised concept as well as the concept of what constitutes a connection.

If you don't connect how can you read the message that says access is unauthorised, if indeed there is such a message!

What makes an "anonymous" port 80 access to a web server to read a web page "authorised" and a connection to a similarly open port 139 still "anonymously" unauthorised, except that you can assume that port 139 has been left open by an inexperienced admin, or has it, how can someone know?

I won't put up the exact syntax here but using the advanced features of search engines it's possible to do some very specific searches on Google. These searches can find .mdb files, .xls files, .doc files and many more permutations. Now is accessing these files authorised or unauthorised since they are indexed by the search engines and quite clearly being "advertised" by the owners. The same goes for people who store copies of credit card transactions on their servers and then let the spiders from Google, Altavista, et al index them.

What has obviously happened is that they are sitting on a folder that is accessible from a web server and the server administrator doesn't have a robots.txt excluding these from being indexed so they can be downloaded by anyone. While checking out this latest method of access used by many hackers I found some shocking exposures such as a hospital displaying all their post-mortems done of children since 1988!!! Shocking irresponsibility on the part of administrators.

There is absolutely no point in having genuine users authenticated on a web server from an Access database if you then put that database on a public folder with Internet access and then just to compound this you fail to exclude that database from being spidered, thus exposing the data to anyone who cares to look!

So where is the line between authorised/unauthorised? Who is doing the authorising? Is a prosecution even possible if you don't have a warning that is issued every time someone connects to your PC defining what is authorised access and what is unauthorised?

In theory every web site owner is committing an offence when their web server connects to your PC to send the data you requested since they didn't specifically ask your permission to send the data. Strictly speaking your request for information didn't give them explicit permission to connect back to you. To be fully legal the web server should warn that sending the data requires a connection to your machine and ask for your permission.

Furthermore, are cookies strictly speaking legal since they could constitute a section 3 offence by modifying files or creating files on your PC if you didn't specifically authorise them. What about spyware?

The big problem is the CMA became law in 1990 and the Internet was almost non-existent then. It does need an update with clearer definitions! Unfortunately, we will continue to see low levels of prosecution and conviction until this Act is updated.

Regards
Emeric
http://www.uksecurityonline.com
 
Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved