Penetration Testing mailing list archives
Re: Providers blocking portscans - bad news for pentest?
From: "Maarten Hartsuijker" <subscriptions () hartsuijker com>
Date: Wed, 6 Jul 2005 21:23:25 +0200
Hmmm, I hope your ISP is not setting a trend over here in NL. So far, fortunately, I have not noticed any portscan blocking at my ISP. Using low-tech ISP appears to have its advantages as well ;-)
Personally, I still don't know if I consider blocking based on port scans a good or a bad thing. For instance: what would happen if someone decides to spoof the IPS of a couple of subnet-neighbours while portscanning? Or the IP's of the DHCP/DNS servers (I hope these are whitelisted)?
Maarten
There is another consequence of this development. If providers start blocking suspect TCP/IP traffic then we will have to do our portscans from an IP-address near to the Internet entry point of our customers. But usually my customers don't have a free patch from where I could scan their external firewall interface. Most often they use an ADSL connection themselves to do their external portscans. And what if providers start filtering TCP/IP traffic. Then portscans will become very unreliable. Maybe this is "old news" for most of you, but since I haven't seen adiscussion about this, I thought I should mention it.
Current thread:
- RE: Remote Desktop/Term. Serv information leakage, (continued)
- RE: Remote Desktop/Term. Serv information leakage Ha, Jason (Jul 02)
- Re: Remote Desktop/Term. Serv Information leakage kuffya (Jul 02)
- RE: Remote Desktop/Term. Serv Information leakage Paul Fields (Jul 05)
- RE: Remote Desktop/Term. Serv information leakage Salvador.Manaois (Jul 04)
- Providers blocking portscans - bad news for pentest? Petr . Kazil (Jul 04)
- RE: Providers blocking portscans - bad news for pentest? Erin Carroll (Jul 04)
- RE: Providers blocking portscans - bad news for pentest? Alexander Klimov (Jul 05)
- Re: Providers blocking portscans - bad news for pentest? RCS (Jul 05)
- Providers blocking portscans - bad news for pentest? Petr . Kazil (Jul 04)
- Re: Providers blocking portscans - bad news for pentest? Chris Brenton (Jul 04)
- Re: Providers blocking portscans - bad news for pentest? Robert BARABAS (Jul 05)
- Re: Providers blocking portscans - bad news for pentest? Maarten Hartsuijker (Jul 06)
- Message not available
- Re: Providers blocking portscans - bad news for pentest? Christoph Puppe (Jul 07)