Brazilian ISP threatens with lawsuit instead of fixing vulnerabilities
old.reddit.comWell, i found a state-wide news station (open!) backup server in a port scan of local addresses in my previous Brazilian ISP, everyone living in one big happy switch, so these things don't surprise me anymore.
Edit: at least i had proper IPV6 on that one, current one is a horrible ipv4-only cgnat.
Identifying an issue with the hardware - yeah fair enough. Scanning the ISP’s residential customer range for hacking recon - yes I can see why that might bring a lawsuit.
I don’t port scan my ISP and then complain when they get cross.
For a meat-space analogy: They noticed a particular carpenter was using faulty strike plates and were prone to opening on their own. They went through and knocked on the doors in a neighborhood built by that carpenter only to find that fully half of them would open at the slightest touch. Upon such a discovery they notified the carpenter and were threatened with legal action. Most people don't knock on _every_ door in a region, but barring certain limited exceptions it's very legal where I live and happens occasionally.
IMO the ISP is even more in the wrong here since the person investigating this didn't even go to the doors himself; he told the ISP he had a message to deliver to each port, and the ISP themselves executed the port scan and chose to report the results back to OP.
What egregious negligence. Small time ISPs can be amazing and other times they're chock full of fools.