Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 624
  • Last Modified:

Is port scanning my own hosted server illegal? Or could I get in trouble

I was testing my firewall using Nmap port scanner to figure out if the Windows firewall was doing its job. I had to work for the last 48 hours and when I came back to do another scan and detect any other ports, I cannot see anything open anymore. The only port the scanner comes back with is Port 53. I had at least 7 more ports to close and now I cannot find them in the scan. Would my hosting service closed these other ports since they may have caught the scanning? Is there another tool anyone recommends to do this? I just cant get hacked or owned I guess they call it. I just read a few articles where this could be illegal? Now I am all nervous! Jeez, I am new to this and just trying to secure our family business.  This will be my wifes website business. Any thoughts would be appreciated.
0
jeffmeverett
Asked:
jeffmeverett
  • 3
  • 2
  • 2
4 Solutions
 
Aaron TomoskyTechnology ConsultantCommented:
Ask your host. Most hosts will just pass all ports but some have different setups between your box as the Internet. No general answer will always be right.
0
 
meko72Commented:
It is not Illegal to do your own port scan on your own network but however, you could get in trouble with your hosted server provider.
Really there is no reason to do a port scan on your hosted server because they have security in place.
If you find that there is a security hole (Network) then you should contact them right away.
It is up to the provider to update and patch the server and network, if needed.
0
 
jeffmeverettAuthor Commented:
I did call the hosting service and they said it was no problem scanning. I am not behind the hosting services firewall, they claim they cannot put me behind a hardware firewall either. I do have Windows Firewall running and I only have 6 ports open. Most of which the tech said are usually vital and really cant be closed. The only one in question was 53 and 88. Other than that he said I was really tightly covered and did a great job securing it. I will await to see if any other comments are said and then I will award points and close the thread. THanks!
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
Aaron TomoskyTechnology ConsultantCommented:
I your going to scan your hostin company in the future, best to let them know. Because they don't know that your ip belongs to you, the account owner.
0
 
meko72Commented:
Typically Port 53 is for DNS (Domain Name Service) is used for domain name resolution.  Xbox LIVE uses ports 53 tcp/udp, 80 tcp, 88 udp, 3074 tcp/udp.

Port 88 is also used for Xbox LIVE aswell as Kerberos - authentication system
0
 
meko72Commented:
Here is an explaination of TCP/UDP

TCP ports use the Transmission Control Protocol. TCP is one of the main protocols in TCP/IP networks. Whereas the IP protocol deals only with packets, TCP enables two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and that packets will be delivered in the same order in which they were sent. Guaranteed communication is the key difference between TCP and UDP.

UDP ports use the Datagram Protocol, a communications protocol for the Internet network, transport, and session layers. Like TCP (Transmission Control Protocol), UDP is used with IP (the Internet Protocol) and makes possible the transmission of datagrams from one computer to applications on another computer, but unlike TCP, UDP is connectionless and does not guarantee reliable communication; it's up to the application that received the message to process any errors and verify correct delivery.
0
 
jeffmeverettAuthor Commented:
From what I was able to gather, I would in the future consult your hosting company. Everyone may have a different rule. I would recommend anyone to scan their website thoroughly with a fine toothed comb. I have already been scanned by anti-sec I found in the log. Its more than likely a bot. Those guys are good, real good, be careful all.
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now