Port Scanning?

DVDR_Dog

Well-Known Member
Ultimate Donator
Donator
VIP
Nov 5, 2018
724
OS
Windows 10
BR
Chrome 83.0.4103.116
Do people do this anymore? At one time it was a big deal but your ISP would go bonkers if someone reported you. Just asking now because I am putting together a remote access/back up system. I am thinking the more out of the box I think the less vulnerable it would be. It seems like all the exploits these days center around popular programs and their particular settings and rolling my own would be more secure since it would be an unknown.
Hacking seems to be a monkey see/ monkey do exercise. Once an exploit is found people come up with 1000 ways to use it.
I am starting with a 123 backup protocol but the piece about having a cloud backup secure from ransomware is still a problem. Using various ports for incremental backups seems to be one way to hide the data at least from the host machine. The ports would be randomly generated by the host but the only log would exist remotely and w/o that key b/u data would be inaccessible on the Internet.
Just thoughts banging around in my head at this point. From what I have been reading lately you can no longer depend 100% on cloud storage for security or integrity of data.
Man do I long for the days of a tape drive that spit out the tape after a backup of the server.
 
  • Like
Reactions: ThumperTM

th3m

Well-Known Member
Jun 24, 2020
51
Earth
OS
Windows 10
BR
Chrome 84.0.4147.89
Well you cant hide, there are bots which are scanning 24/7. That's why search engines like https://www.shodan.io/ exist.

Better secure that server with SSH and maybe even change the default 22 port as a good measure, or use TLS with Let's Encrypt depending of the server you are trying to build.

Another option is to encrypt locally first, check Cryptomator, works well with incremental backups.
 

cndps

Well-Known Member
May 25, 2019
244
PT
OS
Windows 8.1
BR
Chrome 84.0.4147.89
I was going to mention http://www.shodan.io too for port scanning, there api is flexible and easy to build bots.

I have a few bots that can deactivate printers, change routers info (SSID or block access to sites), turn web servers offline, etc...
 

DVDR_Dog

Well-Known Member
Ultimate Donator
Donator
VIP
Nov 5, 2018
724
OS
Windows 10
BR
Chrome 84.0.4147.89
I hear ya cndps. I am really surprised it's so easy to get away doing port scans now. Back in the day it would get you kicked out of ISP access in a heartbeat with one complaint.That's why you had a buttload of dial-up POPs to choose from. Between that and how they handled non-LEC long distance service then and the help of a good war dialer program it was a stealthy as you could get. I have had no reason to port scan since then.
I may try to enlist your bots at some time for local security. They are a great idea.