On Tue, 8 Mar 2011 04:04:13 -0600 (CST) Scott Bennett bennett@cs.niu.edu wrote:
On Sat, 26 Feb 2011 12:13:53 -0800 Chris Palmer <chris@eff.org> wrote:
On Feb 26, 2011, at 9:53 AM, mick wrote:
No reputable security researcher would a) scan a network without that network owner's explicit permission, nor b) use tor for that scan.
Lots of reputable security researchers who scan the entire internet without getting permission. You can't get permission from every operator in the world, but you still need to do good and interesting research. Examples of reputable researchers who have scanned the whole internet include Dan Bernstein, Dan Kaminsky, and EFF. (At least I think we're reputable. :) ) I don't know for sure, but I can't imagine Arbor, CAIDA, and Renesys can do their jobs without scanning the internet.
Well, as I've just finished describing in another topic here, I treat
scanning of my system as attempted security breaches. Such scans will not elicit any apparent response from my system, except that the scanner's IP address will shortly be added to my "block" file, which will deny all future access to my tor node's ORPort and DirPort.
So all I need to do in order to block a Tor client or bridge from connecting to your Tor relay is send a few SYN packets with forged sender IP addresses? Brilliant move.
Using Tor to scan the internet is a good way to see how the internet looks from different perspectives at once, which can be quite valuable.
I disagree and, as noted above, treat that as a cracking attempt.
Why do you consider a portscan to be an attempt to gain unauthorized access to your computer?
Robert Ransom