Re: Ebay port scans your pc on every visit.

Top Page
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Harold Hartley via PLUG-discuss
To: Michael Butash via PLUG-discuss
CC: Harold Hartley
Subject: Re: Ebay port scans your pc on every visit.
That really gives a lot to think about at how many other sites are doing
the same thing. But I close up ports that doesn't need to be open in
order to make my system safe. You'd be surprised at how many ports are
open that can leave a system open for attacks.

On 5/24/20 8:15 PM, Michael Butash via PLUG-discuss wrote:
> This was a bit disturbing to read today.  Ebay injects a few
> javascript connections back to your requesting system, measures a
> basic socket connection, telling them if the port is open or not,
> amounting to effectively a local host port scan for specified ports,
> behind a firewall, from a web page you visited.  They are doing this
> looking for remote admin applications in fact, rdp, vnc, teamviewer,
> many others.  Hmm.
> So any public website can query any port from visiting a web page, and
> possibly interact with any sort of local or other api on my system?
> I wouldn't think Javascript would be allowed to chain off a host like
> that, or at least have protections from certain abuse.  I suppose it's
> valid if linking to another site, but JS/Browsers allowing local
> random port use like this, seems ebay is probably not the only ones to
> abuse this in certain ways.  I know you can do some interesting things
> with websockets, seems chaining  via same methods to remote interact
> would be trivial.
> This is pretty devious actually, I'm both a bit scared for ebay, not
> to mention all the other sites I "trust", let alone the ones I don't. 
> Everyone else that just allows pervasively javascript is just hozed. 
> Which is standard for everyone since javascript existed.
> I use noscript pervasively, and whitelist only valid sites.  Ebay is a
> valid site, didn't think I had to protect myself, but how would you
> protect against this?  Curious also the take from web dev's on this,
> other than thanks for the tip.  :)
> -mb
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:

Harold Hartley
17632 N. 5th Pl
Phoenix, Arizona 85022

PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings: