[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Network Scan through Tor Exit Node (Port 80)



On Tue, 8 Mar 2011 18:35:12 -0800
Robert Ransom <rransom.8774@xxxxxxxxx> allegedly wrote:

> On Tue, 8 Mar 2011 04:04:13 -0600 (CST)
> Scott Bennett <bennett@xxxxxxxxxx> wrote:
> 

[much snipped]

> > >Using Tor to scan the internet is a good way to see how the
> > >internet looks from different perspectives at once, which can be
> > >quite valuable.
> > >
> >      I disagree and, as noted above, treat that as a cracking
> > attempt.
> 
> Why do you consider a portscan to be an attempt to gain unauthorized
> access to your computer?
> 
> 
> Robert Ransom

I'm with Scott. Whilst I don't necessarily agree that a portscan is an
attempt to gain unauthorised access, I don't like them for the
following reasons:

- they are /indicative/ of reconnaisance activity which may be a
  precursor to later attack. 

- they tend to irritate ISPs (and corporations which log such
  activity). If the scan comes from a system for which I am
  responsible, they will likely vent that irritation at me.

-  scans /can/ and /do/ cause DOS on some devices. A cursory search
  of bugtraq archives should unearth plenty of examples. Some examples I
  am aware of (though admittedly unlikely to reachable from a Tor exit
  node) are the HP procurve switch, some Jetdirect printers, some
  Netgear DSL routers etc. As I have pointed out before, this is
  illegal in the UK (our legislation being "laughably absurd" doesn't
  stop it being the law.)

And as Scott said, I don't see why EFF should place the operators
of Tor nodes at risk by using Tor as a scanning tool. 

Mick   

---------------------------------------------------------------------

The text file for RFC 854 contains exactly 854 lines. 
Do you think there is any cosmic significance in this?

Douglas E Comer - Internetworking with TCP/IP Volume 1

http://www.ietf.org/rfc/rfc854.txt
---------------------------------------------------------------------



Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays