Solved

Is port scanning my own hosted server illegal? Or could I get in trouble

Posted on 2012-03-23
7
570 Views
Last Modified: 2012-03-23
I was testing my firewall using Nmap port scanner to figure out if the Windows firewall was doing its job. I had to work for the last 48 hours and when I came back to do another scan and detect any other ports, I cannot see anything open anymore. The only port the scanner comes back with is Port 53. I had at least 7 more ports to close and now I cannot find them in the scan. Would my hosting service closed these other ports since they may have caught the scanning? Is there another tool anyone recommends to do this? I just cant get hacked or owned I guess they call it. I just read a few articles where this could be illegal? Now I am all nervous! Jeez, I am new to this and just trying to secure our family business.  This will be my wifes website business. Any thoughts would be appreciated.
0
Comment
Question by:jeffmeverett
  • 3
  • 2
  • 2
7 Comments
 
LVL 38

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 250 total points
ID: 37757500
Ask your host. Most hosts will just pass all ports but some have different setups between your box as the Internet. No general answer will always be right.
0
 
LVL 9

Assisted Solution

by:meko72
meko72 earned 250 total points
ID: 37757507
It is not Illegal to do your own port scan on your own network but however, you could get in trouble with your hosted server provider.
Really there is no reason to do a port scan on your hosted server because they have security in place.
If you find that there is a security hole (Network) then you should contact them right away.
It is up to the provider to update and patch the server and network, if needed.
0
 

Author Comment

by:jeffmeverett
ID: 37757749
I did call the hosting service and they said it was no problem scanning. I am not behind the hosting services firewall, they claim they cannot put me behind a hardware firewall either. I do have Windows Firewall running and I only have 6 ports open. Most of which the tech said are usually vital and really cant be closed. The only one in question was 53 and 88. Other than that he said I was really tightly covered and did a great job securing it. I will await to see if any other comments are said and then I will award points and close the thread. THanks!
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 38

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 250 total points
ID: 37757817
I your going to scan your hostin company in the future, best to let them know. Because they don't know that your ip belongs to you, the account owner.
0
 
LVL 9

Expert Comment

by:meko72
ID: 37757940
Typically Port 53 is for DNS (Domain Name Service) is used for domain name resolution.  Xbox LIVE uses ports 53 tcp/udp, 80 tcp, 88 udp, 3074 tcp/udp.

Port 88 is also used for Xbox LIVE aswell as Kerberos - authentication system
0
 
LVL 9

Accepted Solution

by:
meko72 earned 250 total points
ID: 37757955
Here is an explaination of TCP/UDP

TCP ports use the Transmission Control Protocol. TCP is one of the main protocols in TCP/IP networks. Whereas the IP protocol deals only with packets, TCP enables two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and that packets will be delivered in the same order in which they were sent. Guaranteed communication is the key difference between TCP and UDP.

UDP ports use the Datagram Protocol, a communications protocol for the Internet network, transport, and session layers. Like TCP (Transmission Control Protocol), UDP is used with IP (the Internet Protocol) and makes possible the transmission of datagrams from one computer to applications on another computer, but unlike TCP, UDP is connectionless and does not guarantee reliable communication; it's up to the application that received the message to process any errors and verify correct delivery.
0
 

Author Closing Comment

by:jeffmeverett
ID: 37759739
From what I was able to gather, I would in the future consult your hosting company. Everyone may have a different rule. I would recommend anyone to scan their website thoroughly with a fine toothed comb. I have already been scanned by anti-sec I found in the log. Its more than likely a bot. Those guys are good, real good, be careful all.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question