Re: Scanning the Internet for Vulnerabilities

Carsten,

No, it’s more like 50,000 furnace guys who show up several times a day to rattle doorknobs, attempt to push slim jims into window latches, hack your garage door opener, sneak into your back garden, and fly drones around your home to see what valuables you might have. Yes, some of them are altruistic, but some are self-righteous officious boobs, and the vast majority are career criminals that will rob your house, drain your retirement account, and kill your family with a spoofed SWAT raid.

-mel beckman

I treat these folk with the same respect they afford me. Not once in 30 years of having a connected network (v4 or v6) has any entity asked "is it OK if we .. ?".

To my mind, it seems rather idiotic and self-defeating to have the plumbing congested with packets intended to measure congestion :frowning:

  Michael


Well put!

I treat these folk with the same respect they afford me. Not once in
30 years of having a connected network (v4 or v6) has any entity asked
"is it OK if we .. ?".

how strange, considering you are replying to a thread doing so.

fwiw, i appreciate vuln scanners. i do not have the hubris or tools to
think i run a flawless network or servers.

randy

The intent behind vulnerability scans is good, however the majority of DOS attacks that my networks encounter these days are from cybersecurity organizations conducting cybersecurity research.

Funding requests for DOS mitigation solutions to protect my networks from cybersecurity researchers are not taken seriously.

Randy,

Great idea! And bill the taxpayers!

-mel via cell

Hey - I have a neat new idea... Let's test the structure of levees by flooding the rivers and seeing what levees don't survive.

Geoff

It seems to me there's vulnerability testing and there's vulnerability testing, and just lumping them all together motivates disparate opinions.

For example, it's one thing to perhaps see if home routers' logins/passwords are admin/admin or similar, or if systems seem to be vuln to easily exploitable bugs, and report such problems to someone in charge, versus, say, hammering at some network to see when/if DDoS mitigation kicks in.

For example, I've gotten email in the past that some of my servers were running ntp in a way which makes them vuln to being used for DDoS amplification and, I believe, fixed that. I didn't mind.

Anyhow, you all probably get my point without further hypotheticals or examples.

Scanning for known vulns and reporting can be ok; testing to destruction? Not so much.

Yeah. The unwritten rule of this is "if you're going to do it, do it gently enough that the person receiving it doesn't notice".

If the load average on my server goes up by 20 because you've opened 20 simultaneous HTTP connections and you're sending nonstop requests on all of them for thousands of random filenames that don't exist (but which each cause a PHP script to run), I'm not going to appreciate it.

Same if you send tens of thousands of TCP SYNs a second so you can quickly scan all possible ports of hundreds of IP addresses.

If I don't even notice it, though, I'm unlikely to be bothered to object to it.
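One way a server operator can tell the "thousands of random filenames that don't exist" pattern above apart from ordinary traffic is to look for a single source producing many 404s on distinct paths inside a short window. This is an added example, not code from the thread; the log lines, addresses and thresholds are constructed.

```python
"""Flag noisy scanners in Common Log Format access logs: one source hitting
many distinct non-existent paths within a sliding time window."""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse(line):
    """Return (ip, timestamp, method, path, status) or None for unparsable lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, method, path, status = m.groups()
    return ip, datetime.strptime(ts, TS_FMT), method, path, int(status)


def noisy_sources(lines, window=timedelta(seconds=60), min_misses=50, min_distinct=40):
    """Map ip -> (misses, distinct_paths) for the first window in which a source
    produced at least min_misses 404s spread over at least min_distinct paths."""
    misses = defaultdict(list)  # ip -> [(timestamp, path)] for 404 responses
    for line in lines:
        rec = parse(line)
        if rec and rec[4] == 404:
            misses[rec[0]].append((rec[1], rec[3]))
    flagged = {}
    for ip, hits in misses.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:  # slide window forward
                start += 1
            span = hits[start:end + 1]
            distinct = len({path for _, path in span})
            if len(span) >= min_misses and distinct >= min_distinct:
                flagged[ip] = (len(span), distinct)
                break
    return flagged


def constructed_log():
    """Constructed sample: a normal client with a few typo 404s, and a scanner
    requesting 200 different non-existent .php names in 20 seconds."""
    base = datetime(2023, 10, 10, 13, 55, 0, tzinfo=timezone.utc)
    lines = []
    for i in range(5):  # hypothetical ordinary visitor (documentation address)
        t = (base + timedelta(seconds=10 * i)).strftime(TS_FMT)
        lines.append(f'203.0.113.7 - - [{t}] "GET /old-page-{i} HTTP/1.1" 404 0')
    for i in range(200):  # hypothetical scanner, 10 requests per second
        t = (base + timedelta(milliseconds=100 * i)).strftime(TS_FMT)
        lines.append(f'198.51.100.9 - - [{t}] "GET /x{i:05d}.php HTTP/1.1" 404 0')
    return lines
```

Running noisy_sources(constructed_log()) flags only the scanner address; tune the thresholds to the site's normal 404 rate before alerting on them.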

For example I've gotten email in the past that some of my servers were
running ntp in a way which makes them vuln to being used for DDoS
amplification and, I believe, fixed that. I didn't mind.

that was a really well done campaign. i thanked them profusely.

randy

Quite the opposite, I once had to endure significant frustration in contacting the organization running a system that kept emailing my abuse contacts about a historical computer I maintained, advising me that my “Insecure CISCO Router” was still accepting “dangerous” telnet connections despite the host’s banner including the text “This system is not a router; The availability of telnet access to this system is intentional.”

If you are engaging in mass scanning and are not going to listen to the targets of your scanning, please at least pay attention to your results.