On Tue, 8 Mar 2011 18:35:12 -0800 Robert Ransom <rransom.8774@gmail.com> allegedly wrote:
On Tue, 8 Mar 2011 04:04:13 -0600 (CST) Scott Bennett <bennett@cs.niu.edu> wrote:
[much snipped]
Using Tor to scan the internet is a good way to see how the internet looks from different perspectives at once, which can be quite valuable.
I disagree and, as noted above, treat that as a cracking attempt.
Why do you consider a portscan to be an attempt to gain unauthorized access to your computer?
Robert Ransom
I'm with Scott. Whilst I don't necessarily agree that a portscan is an attempt to gain unauthorised access, I don't like them for the following reasons: - they are /indicative/ of reconnaisance activity which may be a precursor to later attack. - they tend to irritate ISPs (and corporations which log such activity). If the scan comes from a system for which I am responsible, they will likely vent that irritation at me. - scans /can/ and /do/ cause DOS on some devices. A cursory search of bugtraq archives should unearth plenty of examples. Some examples I am aware of (though admittedly unlikely to reachable from a Tor exit node) are the HP procurve switch, some Jetdirect printers, some Netgear DSL routers etc. As I have pointed out before, this is illegal in the UK (our legislation being "laughably absurd" doesn't stop it being the law.) And as Scott said, I don't see why EFF should place the operators of Tor nodes at risk by using Tor as a scanning tool. Mick --------------------------------------------------------------------- The text file for RFC 854 contains exactly 854 lines. Do you think there is any cosmic significance in this? Douglas E Comer - Internetworking with TCP/IP Volume 1 http://www.ietf.org/rfc/rfc854.txt ---------------------------------------------------------------------