
Wednesday, November 29, 2006

Nmap online

Some brave people have put online a service where you can scan an arbitrary computer with Nmap using their server to do the scanning on your behalf. One can say that this is the grownup version of Shields Up!.

I was worried that their service could be abused in an attack-by-proxy (or in this case reconnaissance-by-proxy) scenario, so I contacted them. They were kind enough to reply to me very fast, and here are the things I learned:

  • They are confident that the limits set in their Terms of Service are enough. At the time of writing this post these are the following (but they can change of course):
      • There can be only one active (running) scan from one IP
      • Maximum 5 scan requests from one IP per 24 hours
      • Maximum 20 scan requests from one IP per 7 days
      • Scan timeout is 60 min
  • Another safety measure is the fact that the logs are kept and are correlated with the requesting IP.
  • When I saw the possibility to enter an arbitrary command line, I got very nervous and asked them if they had considered command line injection. Thankfully they said yes and reassured me that they had taken the necessary security measures (and also that their logs were full of attempts to verify the existence of an exploit).

Given all this, I can only say: scan away! :)

3 comments:

  1. You can scan IP addresses in the C class subnet of your IP. The only allowed syntax to specify an IP address is a.b.c.d or a.b.c.d-e (for example, if your IP address is 89.176.14.234, you can scan addresses from 89.176.14.0 to 89.176.14.255).

  2. Anonymous, 12:54 PM

    There appear to be a few of these services appearing nowadays.

    Take a look at HackerTarget.com - they offer not only Nmap, but also Nikto, SQLiX and OpenVas for a full gamut of online vulnerability testing.

  3. Thank you for the tip. They look interesting, although the site is aimed more as a sales pitch than as a just-use-it service. For one, they disallow some free email providers (like hotmail, yahoo, gmail, etc), but of course such a list cannot be extensive (there are a lot of free local email providers in every country).

    So, they are not useful for me, but they might be what you're looking for, so take a look at them if you are so inclined.

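An added example, not the service's own code: a sketch of how a scan-by-proxy front end could enforce the per-IP limits listed in the post together with the target restriction described in the first comment. The names `normalize_target` and `ScanGate` are hypothetical, and the sliding-window accounting and IPv4-only requester are assumptions of this example.

```python
import ipaddress
import re
import time
from collections import defaultdict, deque

# Limits quoted in the post; the window arithmetic is this example's assumption.
MAX_PER_DAY, MAX_PER_WEEK = 5, 20
DAY, WEEK = 24 * 3600, 7 * 24 * 3600
# Only accepted forms (first comment): a.b.c.d or a.b.c.d-e, ASCII digits only.
TARGET_RE = re.compile(r"([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})(?:-([0-9]{1,3}))?")

def normalize_target(target, client_ip):
    """Return 'a.b.c.d-e' inside the requester's own /24, or raise ValueError."""
    m = TARGET_RE.fullmatch(target)
    if not m:
        raise ValueError("target must be a.b.c.d or a.b.c.d-e")
    a, b, c, d = (int(x) for x in m.groups()[:4])
    e = int(m.group(5)) if m.group(5) is not None else d
    if max(a, b, c, d, e) > 255 or e < d:
        raise ValueError("octet out of range or reversed range")
    allowed = ipaddress.ip_network(f"{client_ip}/24", strict=False)
    if ipaddress.IPv4Address(f"{a}.{b}.{c}.{d}") not in allowed:
        raise ValueError("target is outside the requester's /24")
    return f"{a}.{b}.{c}.{d}-{e}"

class ScanGate:
    """Per-IP admission: one running scan, 5 requests per 24 h, 20 per 7 days."""
    def __init__(self, clock=time.time):
        self.clock = clock
        self.history = defaultdict(deque)  # client IP -> times of accepted requests
        self.running = set()               # client IPs with a scan in progress

    def admit(self, client_ip, target):
        """Return an nmap argument vector, or raise ValueError / PermissionError."""
        spec = normalize_target(target, client_ip)
        now = self.clock()
        seen = self.history[client_ip]
        while seen and now - seen[0] >= WEEK:   # forget requests older than 7 days
            seen.popleft()
        if client_ip in self.running:
            raise PermissionError("a scan is already running for this IP")
        if len(seen) >= MAX_PER_WEEK or sum(now - t < DAY for t in seen) >= MAX_PER_DAY:
            raise PermissionError("request quota exhausted")
        seen.append(now)
        self.running.add(client_ip)
        # A list for subprocess.run(argv, timeout=3600), never a shell string.
        return ["nmap", spec]

    def finish(self, client_ip):
        self.running.discard(client_ip)
```

Because the target is rebuilt from parsed integers and passed as a single argument, nothing the requester typed reaches a shell, and the requester's address (also the key for the kept logs) decides which /24 may be scanned.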