RE: Legal? Road Runner proactive scanning.

["Mark Medici" <mark () dbma com>]

What could be considered "illegal" or "unethical" or even "unexpected"
about scanning your own network for security vulnerabilities and
prohibited services?  Personally, I welcome any signs of responsible
behavior from ISPs whom, as a category, seem to be mostly clueless on
issues any more complicated setting-up Outlook Express and Netscape for
email (maybe that's not fair, but my only contact with most of these
organizations is via the call center).

Remember, the ISP "owns" the network; you are only a subscriber.  They
drive the bus and collect the fare; you either enjoy the ride or get off
and walk.


> -----Original Message-----
> From: Mitchell Rowton [mailto:mrowton () bdo com]
> Sent: Thursday, March 11, 2004 5:11 PM
> To: bsampsel () libertyactivist org; security-basics () securityfocus com
> Subject: Re: Legal? Road Runner proactive scanning.
>
> I'm sure they could argue that a port scan was checking ports for
"open
> proxies."  Are they just scanning for port 25 or actually doing an
open
> relay test?  Same with proxy, are they just scanning for 8080 and
other
> ports, or are they testing also?
>
> Sounds like they are abusing machines to find out if they can be
> "abused for malicious purposes."
>
> > > > "Bryan S. Sampsel" <bsampsel () libertyactivist org> 03/10/04 06:58PM
> I've had entries from that system performing port scans...not simply
> SMTP
> relay checking.
>
> I think it's time to block 'em at the firewall, as I consider this
> tantamount to an attack myself.
>
> IMO,
>
> bryan
>
>
>
> Greg said:
> > We saw the same thing about a year ago and contacted them. They
> > basically read to us verbatim what you have below. We now simply
> block
> > that particular IP at the firewall. They haven't bothered us since.
> >
> > --- jbod <for_the_republic () yahoo com> wrote:
> > > Proactive scanning.  If everyone did this how would
> > > you ever sort through your logs?  Your IDS would go
> > > nuts constantly.
> > >
> > > Excerpt:  "If your server connects to ours, we reserve
> > > the absolute right to perform SMTP relay and open
> > > proxy server tests upon the connecting IP address, to
> > > ensure that the machine at that IP address cannot be
> > > abused for malicious purposes."
> > >
> > >
> > > http://securityscan.sec.rr.com/probing.htm
> > > http://24.30.199.228/probing.htm
> >
> > __________________________________
> > Do you Yahoo!?
> > Yahoo! Search - Find what you're looking for faster
> > http://search.yahoo.com
------------------------------------------------------------------------
--
> -
> > Ethical Hacking at the InfoSec Institute. Mention this ad and get
> $545 off
> > any course! All of our class sizes are guaranteed to be 10 students
> or
> > less
> > to facilitate one-on-one interaction with one of our expert
> instructors.
> > Attend a course taught by an expert instructor with years of
> in-the-field
> > pen testing experience in our state of the art hacking lab. Master
> the
> > skills
> > of an Ethical Hacker to better assess the security of your
> organization.
> > Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> >
------------------------------------------------------------------------
--
> --
> >
------------------------------------------------------------------------
--
> -
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
> off
> any course! All of our class sizes are guaranteed to be 10 students or
> less
> to facilitate one-on-one interaction with one of our expert
> instructors.
> Attend a course taught by an expert instructor with years of
> in-the-field
> pen testing experience in our state of the art hacking lab. Master the
> skills
> of an Ethical Hacker to better assess the security of your
> organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
--
> --
>
>
>
> NOTICE:
> The contents of this email and any attachments to it may contain
> privileged and confidential information from BDO Seidman, LLP.  This
> information is only for the viewing or use of the intended recipient.
If
> you are not the intended recipient, you are hereby notified that any
> disclosure, copying, distribution or use of, or the taking of any
action
> in reliance upon, the information contained in this e-mail, or any of
the
> attachments to this e-mail, is strictly prohibited and that this
e-mail
> and all of the attachments to this e-mail, if any, must be immediately
> returned to BDO Seidman, LLP or destroyed and, in either case, this
e-mail
> and all attachments to this e-mail must be immediately deleted from
your
> computer without making any copies thereof.  If you have received this
e-
> mail in error, please notify BDO Seidman, LLP by e-mail immediately.
------------------------------------------------------------------------
--
> -
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
> any course! All of our class sizes are guaranteed to be 10 students or
> less
> to facilitate one-on-one interaction with one of our expert
instructors.
> Attend a course taught by an expert instructor with years of
in-the-field
> pen testing experience in our state of the art hacking lab. Master the
> skills
> of an Ethical Hacker to better assess the security of your
organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
--
> --



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------