That really gives a lot to think about regarding how many other sites are doing
the same thing. But I close up ports that don't need to be open in
order to make my system safe. You'd be surprised at how many ports are
open that can leave a system open for attacks.

On 5/24/20 8:15 PM, Michael Butash via PLUG-discuss wrote:
> https://www.bleepingcomputer.com/news/security/ebay-port-scans-visitors-computers-for-remote-access-programs/
>
> This was a bit disturbing to read today. Ebay injects a few
> basic socket connection, telling them if the port is open or not,
> amounting to effectively a local host port scan for specified ports,
> behind a firewall, from a web page you visited. They are doing this
> looking for remote admin applications in fact, rdp, vnc, teamviewer,
> many others. Hmm.
> So any public website can query any port from visiting a web page, and
> possibly interact with any sort of local or other api on my system?
> that, or at least have protections from certain abuse. I suppose it's
> valid if linking to another site, but JS/Browsers allowing local
> random port use like this, seems ebay is probably not the only ones to
> abuse this in certain ways. I know you can do some interesting things
> with websockets, seems chaining via same methods to remote interact
> would be trivial.
> This is pretty devious actually, I'm both a bit scared for ebay, not
> to mention all the other sites I "trust", let alone the ones I don't.
> I use noscript pervasively, and whitelist only valid sites. Ebay is a
> valid site, didn't think I had to protect myself, but how would you
> protect against this? Curious also the take from web devs on this,
> other than thanks for the tip. :)
17632 N. 5th Pl
Phoenix, Arizona 85022
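
One way to check whether a page you visited behaves as described in this thread, as an added example that is not part of the original messages: export the browser's network log as a HAR file and flag any request a public page made to a loopback or private address. The sample log, host names and ports below are constructed, and the code assumes the export records attempted connections and puts the page URL in each page's `title` field.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample: a trimmed HAR-style log; not captured from any real site.
SAMPLE_HAR = {"log": {
    "pages": [{"id": "page_1", "title": "https://shop.example/signin"}],
    "entries": [
        {"pageref": "page_1", "request": {"url": "https://shop.example/app.js"}},
        {"pageref": "page_1", "request": {"url": "wss://127.0.0.1:5900/"}},
        {"pageref": "page_1", "request": {"url": "wss://localhost:3389/"}},
        {"pageref": "page_1", "request": {"url": "http://192.168.1.1/status"}},
        {"pageref": "page_1", "request": {"url": "https://cdn.example/logo.png"}},
    ],
}}

DEFAULT_PORTS = {"http": 80, "ws": 80, "https": 443, "wss": 443}


def is_local_target(host):
    """True for localhost names and loopback/private/link-local IP literals."""
    if not host:
        return False
    host = host.lower().rstrip(".")
    if host == "localhost" or host.endswith(".localhost"):
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # ordinary DNS name; resolving it is out of scope here
    return ip.is_loopback or ip.is_private or ip.is_link_local


def find_local_probes(har):
    """Return (page_host, scheme, target_host, port) for public-page -> local requests."""
    pages = {p["id"]: p.get("title", "") for p in har["log"].get("pages", [])}
    findings = []
    for entry in har["log"]["entries"]:
        page_host = urlsplit(pages.get(entry.get("pageref"), "")).hostname
        target = urlsplit(entry["request"]["url"])
        # A local page talking to local services is expected; skip those.
        if is_local_target(target.hostname) and not is_local_target(page_host):
            port = target.port or DEFAULT_PORTS.get(target.scheme, 0)
            findings.append((page_host, target.scheme, target.hostname, port))
    return findings


if __name__ == "__main__":
    for page, scheme, host, port in find_local_probes(SAMPLE_HAR):
        print(f"{page} -> {scheme}://{host}:{port}")
```

To run it on a real export, load the file with `json.load` and pass the result to `find_local_probes`.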