New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Need host allowing port scanning, Want to provide service like Shodan.io
I am looking for a hosting provider that will allow port scanning of 0.0.0.0/0 for publicly available services...
I have seen that Shodan.io somehow is capable of doing exactly that, and I am wondering why there are not more port scanning friendly hosts.
Any hosting providers that you can think of that might allow this with prior knowledge would be greatly appreciated.
Port Scanning
- Is Port Scanning Illegal? (61 votes)
- Yes: 39.34%
- No: 42.62%
- Maybe: 18.03%
Comments
I think hostmaze is allowing this kind of practice
@deank can help you with the 0.0.0.0/0
The end is nigh.
I sometimes think of putting my stuff on single ipv6 addresses selected randomly from the middle of /64 ranges just to impede stuff like this. I wonder if it really works or if there's a simple way to find the live addresses.
ipv6 is likely safe until people have 100Gb/s fiber at their house
and even then it will be a mission
Quasi Networks a.k.a. Ecatel a.k.a. Novogara would probably allow that. But they might be shadier than your project. So don't take this as a recommendation. I'm just brainstorming.
Also cyberbunker comes to mind. Not sure if they are even still alive. The boss (Sven?) seems to have a talent to be in trouble or jail all the time.
But if you want to do this the "rogue/unbureaucratic" way, then I think such "special" hosters are your only choice.
Alternatively you could do it very professionally and register a company, consult a law firm, and approach normal, more solid and trustworthy hosters directly. As a CEO of a company, who is represented by an IT-competent law firm, some hosters might be more willing to consider you as a customer. But of course not for 7$/month. And then, IMHO, you should have a TOS/AUP that you actually enforce, offer the service only to registered users (preferably with SMS or Post-ID verification), and actually handle abuse complaints professionally.
Well, that's what Shodan did, they ran NTP servers and found these addresses.
Easy.
Contact them: https://mzunguhosting.ml/
Network is fast my man
Where do you live? I want to go to your house and make sure all your windows and doors are secure. Trust me... it's for... uhh... your security -- right, let's go with that.
I'd say it's like going to an unprotected parking lot during night time, checking all car doors and posting on your favourite social media platform which car was left without locked doors.
I don't think that's a good idea...
Purchase multiple servers from different providers.
Then distribute IP address ranges between them.
Some ranges are dangerous, almost instant abuses.
I don't think it's a good idea to scan. Expect the FBI at your door if the services that you've checked contain private information and the last one who had access is you.
I clicked "Maybe."
Port scanning is legal if you have the permission of the target. I use port scanning to check VPSs and other servers that I pay for, or where I have permission of the owner. It is a natural thing to do to verify that the system is configured correctly and securely. It may violate the terms of your VPS contract, as obviously noticed by the OP. I scan my few servers anyway. The scans are so rare and each scan is obviously directed at a single IP that I am confident the VPS provider will conclude that I am doing normal verification.
I once attended a presentation, where the speaker detailed some huge number of "attacks" they had detected. It was a large conference. I don't remember the context, but imagine a large, high-profile target, like a government agency or big corporation, something like that.
Because of the large number of detected attacks the speaker reported, I asked him about what actually constitutes an "attack." Does a simple "ping" count? What about a port scan? I told him that I often ping a server to see if it is up.
The speaker responded that they did NOT count pings, but they considered a port scan to be an attack.
Agreed. Just look at your server messages and the quantity of broadcast packets, from your "noisy neighbours". Ban 'em all!
Contact Shodan's hoster since they obviously host a Shodan-like service. Duh.
You can download port scan data for research purposes here: https://opendata.rapid7.com/
I report TCP port scans to the responsible network service providers. I get to know that some connection attempts are really from security researchers, not attackers as I previously thought. I have detected a TCP port scan claimed to be from Shodan before. The 3 providers I found used by Shodan at the time were CariNet, SingleHop, and BlackHOST.