On Tue, 8 Mar 2011 18:35:12 -0800 Robert Ransom rransom.8774@gmail.com allegedly wrote:
On Tue, 8 Mar 2011 04:04:13 -0600 (CST) Scott Bennett bennett@cs.niu.edu wrote:
[much snipped]
Using Tor to scan the internet is a good way to see how the internet looks from different perspectives at once, which can be quite valuable.
I disagree and, as noted above, treat that as a cracking
attempt.
Why do you consider a portscan to be an attempt to gain unauthorized access to your computer?
Robert Ransom
I'm with Scott. Whilst I don't necessarily agree that a portscan is an attempt to gain unauthorised access, I don't like them for the following reasons:
- they are /indicative/ of reconnaisance activity which may be a precursor to later attack.
- they tend to irritate ISPs (and corporations which log such activity). If the scan comes from a system for which I am responsible, they will likely vent that irritation at me.
- scans /can/ and /do/ cause DOS on some devices. A cursory search of bugtraq archives should unearth plenty of examples. Some examples I am aware of (though admittedly unlikely to reachable from a Tor exit node) are the HP procurve switch, some Jetdirect printers, some Netgear DSL routers etc. As I have pointed out before, this is illegal in the UK (our legislation being "laughably absurd" doesn't stop it being the law.)
And as Scott said, I don't see why EFF should place the operators of Tor nodes at risk by using Tor as a scanning tool.
Mick
---------------------------------------------------------------------
The text file for RFC 854 contains exactly 854 lines. Do you think there is any cosmic significance in this?
Douglas E Comer - Internetworking with TCP/IP Volume 1
http://www.ietf.org/rfc/rfc854.txt ---------------------------------------------------------------------