Security Basics mailing list archives

Re: Nmap Online

From: Sean Swayze <sean.swayze () gmail com>
Date: Wed, 6 Dec 2006 18:57:16 -0500

Hello All,

I concur with Craig. Making nmap available through a publiclyavailable service

can only allow for two or three things:

1. Increase the exposure of innocent networks to vulnerability scanning.
2. Expose your company to litigation from said scans.
3. Jack your bandwidth bills through the roof.

Any security personnel or pen-testers that are out there that can'tconfigure nmap,or won't aren't worth the effort of providing this free service for.Furthermore, as thislist is mirrored in many locations it exposes your company's well-meaning efforts to

no end of abuse.


On 4-Dec-06, at 3:20 PM, Craig Van Tassle wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

As was said in the pen test mailing list, I really think this is abad idea. Iactually have blocked all communication between that site and mynetworks.

Lets let anyone scan anywhere.

David Matousek wrote:

Hello,

For all Nmap fans, our group have implemented Nmap Online service.

Nmap Online is a handy service for all people who are directlyconnected

to the Internet and want to be sure that their inbound firewall rules
are setup correctly. It can be also very useful for administrators of
smaller servers who deal with configurations of their firewalls.

Its address is http://nmap-online.com/. The interface allows you to
perform custom
Nmap scans from our server with only a few limitations in the syntax.
The service is free and can be used immediately, no registration is
required.

Please direct your questions and suggestions to our emails.


Regards,

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFdIMIAOTIJ89W4sIRAnP+AKD4XQei2AHLpgC9fPn9KdINVs+PCQCg0Mt2
zxgXXF+Dp4y/F3Lk4evhIjg=
=Rgu3
-----END PGP SIGNATURE-----

---------------------------------------------------------------------------

This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect---------------------------------------------------------------------------



---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------

Current thread:

Re: Nmap Online ascii (Dec 01)
- <Possible follow-ups>
- Re: Nmap Online Cor Rosielle (Dec 01)
- Re: Nmap Online Zapotek (Dec 01)
  - RE: Nmap Online Tony Mihaljevic (Dec 04)
    - Re: Nmap Online Tasos Laskos (Dec 04)
- RE: Nmap Online Shain Singh (Dec 06)
- Re: Nmap Online Craig Van Tassle (Dec 06)
  - Re: Nmap Online Sean Swayze (Dec 07)
    - RE: Nmap Online Shain Singh (Dec 12)
    - Re: Nmap Online Sean Swayze (Dec 12)
    - RE: Nmap Online Shain Singh (Dec 12)
- RE: Nmap Online Dolan, Patrick (Dec 06)
  - Re: Nmap Online etropos (Dec 07)