Douglas J. Hunley wrote:
> What does everyone think of me putting up a page on linux.nf that anyone can
> come to and have their system scanned for known security exploits? I'm
> thinking the user would surf over to say http://linux.nf/scanme/ and the page
> would display a quick little disclaimer stating what it's going to do, that
> you should be the owener of the machine being scanned, and that by clicking
> the 'scan me' button you agree to release us from liability... when they
> click the button, it launches a Nessus scan, puts up a 'please wait while you
> are scanned' page, and then when the nessus scan completes, it pops up a page
> with the results of the scan. of course, it would scan the ip of the machine
> viewing the page so that the user couldn't put in somebody else's ip (I know,
> i know... this wouldn't work for machines behind a proxy)..
>
> thoughts?
It's not just the owner that needs to be happy, as he usually doesn't own the
network you are scanning across. If this were to trigger alarm bells on some
ISPs automated surveillance systems, we might find the SxS site being blocked.
Just a thought.
--
burns
_______________________________________________
http://linux.nf -- [EMAIL PROTECTED]
Archives, Subscribe, Unsubscribe, Digest, Etc
->http://linux.nf/mailman/listinfo/linux-users
