Friday, March 10, 2006

Dubious Network Scanners

If you click on the “Scan Now” link at this website, you get some HTML output of a simple portscan conducted against your connecting IP address (at least, the IP that makes the connection to Sygate’s web server). The scan seems to be just a simple nmap scan that say things like “SMTP is used to send email across the internet. This allows an attacker to verify user accounts on your system, send anonymous (spam) email, or even access files on your hard drive”. Of course, the company offering this “service” is selling personal firewalls, so this kind of alarmist nonsense doesn’t surprise me.

Interestingly, those using a SOCKS proxy, tor, or some other kind of internet anonymizer will actually scan the last hop’s source IP address that made the connection to Sygate’s web server.

Technorati Tags: ,

No comments: