[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: exit counts by port number over 61 days

To: or-talk@xxxxxxxxxxxxx
Subject: Re: exit counts by port number over 61 days
From: Sven Anderson <sven@xxxxxxxxxxx>
Date: Tue, 14 Apr 2009 15:06:22 +0200
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Tue, 14 Apr 2009 09:06:27 -0400
In-reply-to: <200904131700.n3DH0fWM013038@xxxxxxxxxxxxx>
References: <200904131700.n3DH0fWM013038@xxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

Hi Scott,

Am 13.04.2009 um 19:00 schrieb Scott Bennett:


	1)  Why is the nicname/whois port the most heavily used?  In fact,
	why is it getting much use at all?

My guess: spammers and profilers, scanning for email adresses andother personal data.

	2) Why are there so many exits to the standard socks port?  It
	seems kind of strange to go all the way through the tor network
	fully encrypted, only to exit in the clear to a port somewhere
	else for re-encryption.  Similarly, what about pptp?


There are Trojans opening backdoors on that port.

http://isc.sans.org/port.html?port=1080

	4) Who still uses RFS?  Didn't that die out a *long* time ago?
	(The rfs port had 70 exits.)

I bet nobody. That's why there seems to be somebody using the port forsomething else.



Sven

Attachment: smime.p7s
Description: S/MIME cryptographic signature

References:
- exit counts by port number over 61 days
  - From: Scott Bennett

Prev by Author: Google Summer of Code 2009
Next by Author: Re: tor with OpenDNS as default DNS, using Firefox+FoxyProxy
Previous by thread: exit counts by port number over 61 days
Next by thread: Re: exit counts by port number over 61 days
Index(es):
- Author
- Thread