Ebay port scans your pc on every visit.
Michael Butash
michael at butash.net
Mon May 25 18:26:42 MST 2020
This completely bypasses your internet firewall, and your system firewall.
Thus the concern.
Imagine someone installs a remote access toolkit (RAT, ala hackers), has
access to your system to connect/scan your local system, and really
anything else via fed users to request connections from. This is your
computer's trusted browser, no different from RAT/Malware originating
connections FROM 127.0.0.1 (local system) TO 127.0.0.1 (local system),
which 99.9% of times is allowed. Do you block outbound connections from
your own pc? Do you not trust your local system to make connections to
your local system? Not if you want normal activities to at all work.
Also possible (I think) if for example you worked at bank of america and
instead they were trying to connect to your internal-only CRM on
crm.internal.bankofamerica.com or other juicy bits either. Sounds like a
heck of an easy way to probe enterprises with even innocuous links sent to
employees to click on, they start probing the host browsing and your
internal network via your just visiting.
If this is banks and ebay doing this to users, imagine what shadier bits of
the internet are doing, like facebook, twitter, marketing companies, and
other axis of evil. Imagine what the downright nasty bits of the internet
are doing such as torrent/porn sites and other lawless bits.
I see it as something of an exploit of browser trust, but as said, not sure
anything you can do about it.
-mb
On Mon, May 25, 2020 at 5:45 PM Harold Hartley via PLUG-discuss <
plug-discuss at lists.phxlinux.org> wrote:
> Not sure which port they scan to allow them on the inside of the firewall.
> On 5/25/20 5:48 PM, Snyder, Alexander J wrote:
>
> The only outbound ports open without concern are 123(UDP), 53(UDP),
> 80(TCP), and 443(TCP). All other ports are blocked, outbound to the web, on
> my system.
>
> If I read this, this would go around my guards, as they are "piggybacking"
> on 443 in and out, right?
>
> Thanks,
> Alexander
>
> Sent from my Galaxy S10+
>
> On Mon, May 25, 2020, 17:12 Harold Hartley via PLUG-discuss <
> plug-discuss at lists.phxlinux.org> wrote:
>
>> I'm not sure if anything can be done to stop port scanning of ports.
>>
>> I'm really not having a big concern since I have 2 firewalls anyway. I
>> have a firewall on one device and a firewall on my computer. So the only
>> ports they will see is the one on my first device and not the computer.
>> At least that's my theory.
>>
>> On 5/25/20 1:17 AM, Steve Litt via PLUG-discuss wrote:
>> > On Sun, 24 May 2020 20:52:43 -0700
>> > Harold Hartley via PLUG-discuss <plug-discuss at lists.phxlinux.org>
>> wrote:
>> >
>> >> But I close up ports that doesn't need to be
>> >> open in order to make my system safe. You'd be surprised at how many
>> >> ports are open that can leave a system open for attacks.
>> > When you say "close up ports", do you mean make sure there's no
>> > executable listening at that port, firewalling that port so nothing can
>> > come in or out, or something else?
>> >
>> > SteveT
>> >
>> > Steve Litt
>> > May 2020 featured book: Troubleshooting Techniques
>> > of the Successful Technologist
>> > http://www.troubleshooters.com/techniques
>> > ---------------------------------------------------
>> > PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> > To subscribe, unsubscribe, or to change your mail settings:
>> > https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>> --
>> Harold Hartley
>> 17632 N. 5th Pl
>> Phoenix, Arizona 85022
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
> --
> Harold Hartley
> 17632 N. 5th Pl
> Phoenix, Arizona 85022
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20200525/db7c52bb/attachment.html>
More information about the PLUG-discuss
mailing list