2.0 DSLR Port Scans Scanner FAQ | DSLReports.com, ISP Information

Table of Contents

2.0 DSLR Port Scans

Why can't the scan be done instantly?

A basic port scan is available. (Under the Tools menu item)

It is implemented as a java applet that simply reports back the results of a port scan done by the server. This scan simply reports on a few common vulnerabilities.

The slightly more extensive scan system has a queue, as each test can take a while. There are usually a few people 'waiting' in this queue so the scan is not instant.

got feedback?

by edited by KeysCapt
last modified: 2004-02-01 05:18:02

What tools are used?

Nmap, nbtstat, queso, smbclient, targa and whatever the latest flavour of ping of death programs are used (optionally - if selected by you), and a perl script with various modules controls it all.

got feedback?

by KeysCapt
last modified: 2004-02-01 05:18:42

Summarize what is done to my computer please

A modern port scan tool is used (nmap) and this attempts to identify the machine signature, and any vulnerable services running on it. If NETBIOS ports are open (indicating it is a Windows machine), then we attempt to talk to your netbios to see if there are any shares or printers visible, and to query your machine name and domain name.

If you requested 'ping of death' tests, then some ping of death packets are sent to your machine, to see if this will crash your operating system.

If you have a Cisco router, it is probed to see if the IOS is protected or not.

None of these default tests will damage anything. It is possible, but only remotely, that the 'ping of death' tests could cause disk corruption since the OS may freeze in the middle of writing a file. If you are not using your PC for something else, this is extremely unlikely. (Turn off your defragger if you run that overnight though!).

got feedback?

by KeysCapt
last modified: 2004-02-01 05:21:03

Can I run a Port Scan against my company firewall?

To ensure the IP is yours, but without causing a blizzard of email, the site is setup to look out for FTP or Telnet requests from hosts targetted for scans.

If a request is logged, this releases the scan. Therefore, if your scan has gone into hold status, you must find some way of running an FTP or Telnet request to this site to release it.

got feedback?

by KeysCapt
last modified: 2004-02-01 05:22:48

Do you keep the results?

We keep logs of vulnerabilities found, but with the IP address REMOVED.

Why? Because we want to publish summaries of the security vulnerabilities we fiind. At no time will we reveal your IP address associated with the security scan results. Even the email of results do not reveal your IP address.

got feedback?

by KeysCapt
last modified: 2004-02-01 05:23:36

How do I interpret the score?

Just because you have open ports, or a visible computer name, or visible shares, or crash out when sent certain ping packets, do not rush out and buy the first security package you can find.

Simple things like turning off file sharing can be enough while you do some further reading.

That said, if you use IRC and ICQ a lot, and tread on the toes of strangers online, then you should probably at least run a software firewall. It is also highly recommended that you install some type of virus scanner and keep its virus definitions updated. You can find more information to help in the Security Forum.

got feedback?

by KeysCapt
last modified: 2004-02-01 05:27:30

What firewall do you recommend?

At this point there are simply too many possible choices to recommend any particular brand of firewall.

Zonealarm for Windows platforms is popular and has a free version.

An ipchains firewall script in your startup is recommended for Linux.

Netbarrier seems to show a lot of information for Macintosh users.

got feedback?

by KeysCapt
last modified: 2004-02-01 05:47:07

All FAQs » Scanner FAQ » 2.0 DSLR Port Scans