<div dir="ltr"><div>This completely bypasses your internet firewall, and your system firewall. Thus the concern.<br></div><div><br></div><div>Imagine someone installs a remote access toolkit (RAT, à la hackers), has access to your system to connect/scan your local system, and really anything else via fed users to request connections from. This is your computer's trusted browser, no different from RAT/Malware originating connections FROM 127.0.0.1 (local system) TO 127.0.0.1 (local system), which 99.9% of the time is allowed. Do you block outbound connections from your own PC? Do you not trust your local system to make connections to your local system? Not if you want normal activities to work at all.</div><div><br></div><div>Also possible (I think) if, for example, you worked at Bank of America and instead they were trying to connect to your internal-only CRM on <a href="http://crm.internal.bankofamerica.com">crm.internal.bankofamerica.com</a> or other juicy bits either. Sounds like a heck of an easy way to probe enterprises with even innocuous links sent to employees to click on; they start probing the host browsing and your internal network via your just visiting.<br></div><div><br></div><div>If this is banks and eBay doing this to users, imagine what shadier bits of the internet are doing, like Facebook, Twitter, marketing companies, and other axis of evil. 
Imagine what the downright nasty bits of the internet are doing such as torrent/porn sites and other lawless bits.<br></div><div><br></div><div>I see it as something of an exploit of browser trust, but as said, not sure anything you can do about it.<br></div><div><br></div><div>-mb</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, May 25, 2020 at 5:45 PM Harold Hartley via PLUG-discuss <<a href="mailto:plug-discuss@lists.phxlinux.org">plug-discuss@lists.phxlinux.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p>Not sure which port they scan to allow them on the inside of the
firewall.<br>
</p>
<div>On 5/25/20 5:48 PM, Snyder, Alexander J
wrote:<br>
</div>
<blockquote type="cite">
<div dir="auto">The only outbound ports open without concern are
123(UDP), 53(UDP), 80(TCP), and 443(TCP). All other ports are
blocked, outbound to the web, on my system.
<div dir="auto"><br>
</div>
<div dir="auto">If I read this, this would go around my guards,
as they are "piggybacking" on 443 in and out, right?<br>
<br>
<div dir="auto">Thanks, <br>
Alexander<br>
<br>
Sent from my Galaxy S10+</div>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, May 25, 2020, 17:12
Harold Hartley via PLUG-discuss <<a href="mailto:plug-discuss@lists.phxlinux.org" target="_blank">plug-discuss@lists.phxlinux.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">I'm not sure
if anything can be done to stop port scanning of ports.<br>
<br>
I'm really not having a big concern since I have 2 firewalls
anyway. I <br>
have a firewall on one device and a firewall on my computer.
So the only <br>
ports they will see is the one on my first device and not the
computer. <br>
At least that's my theory.<br>
<br>
On 5/25/20 1:17 AM, Steve Litt via PLUG-discuss wrote:<br>
> On Sun, 24 May 2020 20:52:43 -0700<br>
> Harold Hartley via PLUG-discuss <<a href="mailto:plug-discuss@lists.phxlinux.org" rel="noreferrer" target="_blank">plug-discuss@lists.phxlinux.org</a>>
wrote:<br>
><br>
>> But I close up ports that don't need to be<br>
>> open in order to make my system safe. You'd be
surprised at how many<br>
>> ports are open that can leave a system open for
attacks.<br>
> When you say "close up ports", do you mean make sure
there's no<br>
> executable listening at that port, firewalling that port
so nothing can<br>
> come in or out, or something else?<br>
> <br>
> SteveT<br>
><br>
> Steve Litt<br>
> May 2020 featured book: Troubleshooting Techniques<br>
> of the Successful Technologist<br>
> <a href="http://www.troubleshooters.com/techniques" rel="noreferrer noreferrer" target="_blank">http://www.troubleshooters.com/techniques</a><br>
> ---------------------------------------------------<br>
> PLUG-discuss mailing list - <a href="mailto:PLUG-discuss@lists.phxlinux.org" rel="noreferrer" target="_blank">PLUG-discuss@lists.phxlinux.org</a><br>
> To subscribe, unsubscribe, or to change your mail
settings:<br>
> <a href="https://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer noreferrer" target="_blank">https://lists.phxlinux.org/mailman/listinfo/plug-discuss</a><br>
<br>
-- <br>
Harold Hartley<br>
17632 N. 5th Pl<br>
Phoenix, Arizona 85022<br>
<br>
</blockquote>
</div>
</blockquote>
<pre cols="72">--
Harold Hartley
17632 N. 5th Pl
Phoenix, Arizona 85022</pre>
</div>
</blockquote></div>