sites on localhost
Michael Butash
michael at butash.net
Fri May 20 21:20:00 MST 2022
This is something I posted here a while back, how sites like banks and
other financials were making scripted local queries to check for open
"services" or ports as referrals to localhost and ports known to be
malicious à la some worm or botnet if they should trust you or not. Quick
way for them to determine what stupid customers of theirs got got already,
and lower your credit score while at it. While ok, I get it, trust no one,
but that's a bit creepy that they're forcing my browser to open sockets to
local ports to essentially bypass my firewall, port scan my host, while
connecting to their site, and figure no one mostly will notice.
Far as I know uBlock and NoScript inherently block most of that (it's
usually some affiliate credit check firm the bank uses for plausible
deniability and blame pointing), but I do this by default for the past ~20
years to notice much.
Such is the world we live in. Shields up!
-mb
On Fri, May 20, 2022 at 8:27 PM der.hans via PLUG-discuss <
plug-discuss at lists.phxlinux.org> wrote:
> moin moin,
>
> once in a while I run into a site trying to make JavaScript or XHR
> connections to localhost.
>
> What are they doing?
>
> Are they setting up backdoor tunnels on localhost?
>
> Are they trying to run a daemon out of the browser?
>
> Are they trying to escape the sandbox and exfiltrate data?
>
> ciao,
>
> der.hans
> --
> # https://www.LuftHans.com https://www.PhxLinux.org
> # Eternal vigilance is the price of liberty. -- Thomas Jefferson
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
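The behaviour discussed in this thread can be checked from the user's side. The following is an added example, not part of either post: it takes (page, request URL) pairs, such as those copied from a browser's network log, and reports which non-local pages requested loopback addresses and on which ports. The sample records, hostnames, ports and function names are constructed for illustration.

```javascript
// Added example: flag page-initiated requests that target the local machine.
// SAMPLE_REQUESTS is constructed; all hostnames and ports are made up.
const SAMPLE_REQUESTS = [
  { page: "https://bank.example/login", url: "https://bank.example/api/session" },
  { page: "https://bank.example/login", url: "wss://127.0.0.1:5900/" },
  { page: "https://bank.example/login", url: "http://localhost:7070/x.gif" },
  { page: "https://bank.example/login", url: "https://[::1]/" },
  { page: "https://bank.example/login", url: "http://127.1:5900/" },
  { page: "http://localhost:8080/dev", url: "http://localhost:8080/api" },
  { page: "https://shop.example/", url: "http://127.0.0.1.shop.example/p" },
];

const DEFAULT_PORTS = { "http:": 80, "ws:": 80, "https:": 443, "wss:": 443 };

// True for localhost names, 127.0.0.0/8, 0.0.0.0 and ::1. The URL parser has
// already canonicalised shorthand such as 127.1 or 0x7f.0.0.1 to dotted form.
function isLoopbackHost(hostname) {
  const h = hostname.toLowerCase().replace(/^\[|\]$/g, "").replace(/\.$/, "");
  if (h === "localhost" || h.endsWith(".localhost")) return true;
  if (h === "::1" || h === "0.0.0.0") return true;
  return /^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(h);
}

// Returns one entry per non-local page origin that requested a loopback URL.
function findLoopbackProbes(requests) {
  const byOrigin = new Map();
  for (const { page, url } of requests) {
    let src, dst;
    try {
      src = new URL(page);
      dst = new URL(url);
    } catch {
      continue; // skip malformed records
    }
    if (!isLoopbackHost(dst.hostname)) continue;
    if (isLoopbackHost(src.hostname)) continue; // local dev page talking to itself
    const port = dst.port ? Number(dst.port) : DEFAULT_PORTS[dst.protocol];
    if (port === undefined) continue; // not an http(s)/ws(s) request
    const entry = byOrigin.get(src.origin) || { origin: src.origin, ports: new Set(), hits: 0 };
    entry.ports.add(port);
    entry.hits += 1;
    byOrigin.set(src.origin, entry);
  }
  return [...byOrigin.values()].map((e) => ({
    origin: e.origin, hits: e.hits, ports: [...e.ports].sort((a, b) => a - b),
  }));
}

console.log(findLoopbackProbes(SAMPLE_REQUESTS));
```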