| ▲ | randall 5 days ago |
| one time i ran nmap against my dev box at facebook. i was definitely worried someone was going to give me a stern talking to. |
|
| ▲ | varenc 5 days ago | parent | next [-] |
| I ran 'neoprint.php' on myself at Facebook in 2007 and immediately got a stern email about it... It was some script that collected info for responding to law enforcement requests. But after chastising me, the email said "I was gratified that you ran it on yourself". (as opposed to snooping on someone else!) It was just a summer internship and FB was like 'only' 80 engineers back then. But they still took it seriously. |
| |
| ▲ | Thorrez 4 days ago | parent [-] | | I think that's a little different. It sounds like neoprint.php is an internal Facebook tool for looking up data on Facebook users. So improper usage of it is a privacy problem for users. It's something misbehaving employees might run against celbrities, exes, etc. (e.g. https://www.gawkerarchives.com/5637234/gcreep-google-enginee... ) Otoh nmap isn't a privacy problem for users of Facebook (or any other tech company). | | |
| ▲ | varenc 4 days ago | parent [-] | | Yea totally agree. Mainly just wanted to shoehorn in my own story about stern emails at FB! Also I think running nmap on your own development machine is totally legitimate. Lots of reasons you might want to do it. |
|
|
|
| ▲ | SoftTalker 5 days ago | parent | prev [-] |
| I use nmap routinely at work to see what’s on a subnet, has anything new appeared, or where it should not be. |
| |
| ▲ | bravetraveler 5 days ago | parent [-] | | +1. If I can't run nap or netcat, or have to justify it each time, I can't do my job. Better off elsewhere. I've departed early at least twice over this. Draconian IT serves nobody. Been doing this long enough I deliberately poke any new employer; see what's in store. Nobody cares, though. EDR appliances sell without careful administration. The industry will outlive us all. |
|
