|
-
February 2nd, 2003, 12:35 PM
#1
Registered User
port scanner
Im a simple PC builder/repairer.
The workings of networks and their complexities above simple peer to peer is not for me. I dabble, and I set up small networks when requested.
I have a problem with a guy who frequents a local on-line centre that I helped provide equipment and services for, who is causing a headache to the volounteers who run it. They are a drop in centre that was lucky enough to land a grant for a small network of 8 new PCs all with internet access via ADSL. Its great for the "drop outs who drop in" for a whole manner of uses. BUT. The system does get abused at times by people who have found out about it to come in a muck about. We expected this, and deal with it. But weve now got some smart arse who is bragging about his use of a program called Blues Port Scan. Hes pursuaded the volounteers that its legit and that hes doing nothing wrong, although the system was set up for the use of certain programmes only as designated by the terms of the grant. Before I go to see the volounteers and tell them to give this guy the red card, I was wondering if someone could tell me about this prog, what it REALLY gets used for etc etc... Treat me as a complete novice, this way I can relate it better to them. Thx in advance.
-
February 2nd, 2003, 12:54 PM
#2
Avatar Goes Here
Its used for checking the status of ports, whether they are open, closed, stealthed etc. He may be using it to legitamately learn about security, but I doubt that if he is bragging
-
February 2nd, 2003, 02:06 PM
#3
Registered User
What , in all likelyhood, would he be using it for, and what other progs would we expect to see him using as a result??
-
February 2nd, 2003, 02:42 PM
#4
Registered User
I use a similar program called Angry IP Scanner. What it does is scans a range of IP addresses and then if you specify the option it will scan a range of ports you select on each ip that has an active ping. This can be usefull on private networks when checking systems for open ports (IE file servers running ftp that kind of thing). But the same goes for public networks (the internet). You can scan a range of ip addresses and it will show you all the active computers that return pings on that segmant. It will also take it a step further and allow you to see the netbios name workgroup and sometimes even the user that is logged in. If they have file sharing enabled it will allow you to connect to that system and view public shares (shares with no password requirements). My guess is that he is using it for the latter. For you to get a feel of the program I would download it and run it on your system. You will see what a powerful tool it is and in the wrong hands what damage can be done.
"I feel like one of those mass murderers on death row. I never understood how the hell they got more chicks than I did. Now I know. They sold crap on eBay." -- Anonymous ebayer
"I figured out what's wrong with life: it's other people." -- Dilbert
-
February 2nd, 2003, 09:11 PM
#5
Registered User
I agree with gollo,
Port scanner are great for finding security issues on your LAN. or even evualting a clients internet status.
But in both cases, no one "Brags" about using it. It is a tool... why brag that we can use a hammer?!? LOL
More than likely he is using it to scan the LAN and hack other useres on the loacal network to "see" what they are doing. Taking it one step further...
He may also be using your ADSL connection for scanning the internet and launching attacks on other public computers that are open for what ever reason. The 1st time he hot a place that has good logging turned on and he gets caught... it will be traced back to THAT LAN. not him!
I would pull him aside and speak to him, as a "friend", and be like .... "Cool... so what you use it for man... I would love for YOU TO TEACH ME!, if he likes to brag he will most likely demonstrate what he has been doing... may take you a few times.. meeting him, but he'll crack.
Then.. BUST HIM! Ban him, and if it is really bad call the Police / FBI (or whover is incharege of computer crim in your area.
MUHAHAHahahaha
You know you want a crabby patty!!
-
February 2nd, 2003, 11:21 PM
#6
Registered User
I'd personally like to find the fingers of every punk with a port scanner and smash his fingers. There's only one reason to sweep the internet.
-
February 3rd, 2003, 04:58 AM
#7
Driver Terrier
There is a lovely program called deep freeze that may be very usefull in a setup such as this.
It allows you to install anything you like, but as soon as you reboot, its back to where it was before - the ultimate antivirus tool I think!
Setup correctly script kiddie there would have no ability to run anything for longer than his own session. BTW this type of kid has me looking for keyloggers and other hidden processes.
-
February 3rd, 2003, 11:52 AM
#8
Registered User
exactly noonoo...
Look for things like "expl0rer"
where a leter is transposed for a number... many windows fonts... i's and L's look similar and 1's and L's...
-
February 6th, 2003, 03:00 PM
#9
Setup computer security policies and shutdown the ability to install software.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
Bookmarks