Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Censorship Your Rights Online

Anti-Censorship Efforts And Port Scanning 159

Posted by timothy from the poke-poke-ouch dept.
scubacuda writes "According to Wired, the University of Toronto's Internet Censorship Explorer permits people test the limits of national and organizational Internet-blocking schemes. Users enter a target URL (and a country), and the software then scans the ports of available servers in that country, looking for open ones to connect on from behind that country's firewall. Many consider port scanning a gray area, as it's often used by various hackers to find vulnerabilies that can be exploited."
This discussion has been archived. No new comments can be posted.

Anti-Censorship Efforts And Port Scanning More

Anti-Censorship Efforts And Port Scanning

Comments Filter:
  • Darn, Iraq isn't listed. Just trying to do my part for the effort.

  • Block that (Score:5, Funny)

    by UVABlows ( 183953 ) on Wednesday March 19, 2003 @06:16PM (#5547652)
    So now the countries will just block that site too. How useful.

  • Portscanning (Score:4, Funny)

    by Anonymous Coward on Wednesday March 19, 2003 @06:23PM (#5547682)
    Portscanning finds things that are not meant to be open.

    For example, IIS web services that MS "trusts" enough to give full system access to.

  • proxies (Score:4, Insightful)

    by Kallahar ( 227430 ) <kallahar@quickwired.com> on Wednesday March 19, 2003 @06:24PM (#5547692) Homepage
    "They're obviously using resources that would not normally be available. Using someone else's resources without their knowledge is abhorrent to us."

    Of course, the people with the open proxies have provided a public service to the world. His argument would be similar to someone setting up a website, and then complain when someone uses it without their knowledge. Or putting a sign on your front door that says "Open for Business, please come in" and then complaining when people walk in.

    If you don't want people using your computer, don't provide public services on it.

    Travis

  • Port scanning is not a grey area... (Score:5, Informative)

    by xchino ( 591175 ) on Wednesday March 19, 2003 @06:25PM (#5547693)
    There is nothing wrong with scanning ports and seeing what services a particular server offers to the general public. It's not like it's circumventing any security measures, it's just using TCP/IP in a manner it was meant to be used in. This is like saying that p2p filesharing clients are in a gray market. There's nothing wrong with a p2p filesharing program, the problem lies with those that abuse it.
    • Too right. Why are they scanning for vulnerabilities? Because they know people don't fix them. Well.. tough shit. Fix them, or get hacked. Whats hard about that? There's certainly no grey area there. If you run an unpatched site, you should be held up to public ridicule as surely as if you allow yourself to be used by spammers. Too bad you get to lose your data. But blaming port scanning in general? I don't think so.
      Put up or shut up!

    • It's just not polite (Score:2, Interesting)

      by swb ( 14022 )
      If you come to my house and try all the doors to see what's open to the general public, you'll probably get shot or at least get to see how well your head is capable of decelerating a baseball bat.

      Why? It's not polite, and rude people get treated rudely.
      • Will you stop the stupid computer == house analogy? The singlemost bad thinking about security comes from false analogies. In the house analogy, the person is NOT BLIND. A computer, unless it TRIES to connect to the PORT, wouldn't know that the port was actually open. And if you told me you opened the port x on your computer, the only real way to know no errors were committed, is to make the connection.

        • Re:It's just not polite (Score:3, Interesting)

          by Alan ( 347 )
          Maybe the analogy of "looking at a house to see if the doors are open, or if there is a big 'welcome' sign by the door". I think the analogy of trying a door is better matched up to trying exploits on a port, whereas port scanning is just looking at an open or closed door.

          • Re:It's just not polite (Score:4, Interesting)

            by (void*) ( 113680 ) on Wednesday March 19, 2003 @07:06PM (#5548045)
            The important thing is not to deny legitimate use of portscanning tools. How would I know the machine I set up was not advertising services it does not offer? I portscan it! Portscanning is just part of the repertoire of tricks any network admin must know to debug network problems. While it is certainly possible to use it to accomplish goals other than that, the proper, responsible use of such things should be denied.

            • "The important thing is not to deny legitimate use of portscanning tools"

              Next up: it should be illegal to take a walk around the outside of your home checking for any windows left open.

              Only thieves and criminals would want to know if your windows were open.

              I don't see portscanners being banned anytime soon.

      • Re:It's just not polite (Score:2, Interesting)

        by shepd ( 155729 )
        >If you come to my house and try all the doors to see what's open to the general public, you'll probably get shot or at least get to see how well your head is capable of decelerating a baseball bat.

        Where I come from, you'd be going to jail for a very long time. Certainly much longer than the "burglar", who, at best, would go to jail for a week or two for a tresspass misdemeanor.

        And while that happens to be Canada, the US is no different. That is, assuming you don't have a big "No Tresspassing" sign o
      • You go up to something that looks like a store, and try the doors to see if it's open.

      • Re:It's just not polite (Score:5, Insightful)

        by dissy ( 172727 ) on Wednesday March 19, 2003 @06:53PM (#5547897)
        > If you come to my house and try all the doors to see what's open to the general
        > public, you'll probably get shot or at least get to see how well your head is
        > capable of decelerating a baseball bat.

        Except your home isnt a public place.
        Your home is a private place, for you.

        So to extend that to computers.

        Your PC behind a firewall is a private place.
        Did anyone claim it was OK to attempt to break in through a firewall?
        No. So please stop arguing that point.

        A webserver is indeed a public place.
        Its more compared to the general use lodge at the park down the street.

        And let me tell you, if you attacked me while i was attempting to see if the doors were open on that public general use lodge, you would clearly be in the wrong for doing so.

        When you run a webserver, you are allowing the general public. If you dont want the general public there, take measures, ANY MEASURES AT ALL, to stop them!

        Leaving a webserver on a public network with no filters, firewall rules, IP access lists, or authentication, can not in any way be argued as taking measures to prevent access to it. You wouldnt have a leg to stand on.

        Its akin to putting a tarp down on the ground, setting out your , no walls or screens or covers or anything, then complaining when people look at that is laying out in the open.

        If you dont want that stuff being looked at, dont put it there in public.
        Same difference with a webserver.

        As for your comment of not polite. Inviting people into your home, then shooting them for tresspassing is what _I_ call impolite. That is basically what you are trying to justify being OK.

      • I agree with your conclusion, but not how you got there.

        A computer connected to the public Internet is not a house, and has no surrounding property on which people can knowingly trespass in order to try a doorknob.

        A closer analogy would be someone looking your house over from the street to see if there's a garage sale going on, or you've got business/sale signs up, etc...
        This isn't illegal, despite the fact that a would-be housebreaker could do the same thing to spot an open window.

        Even then, the analogy
        • I disagree with your looking across the street analogy, and agree with the parent poster. In order to scan, you have to hit my firewall/router i.e. MY network with something. If you hit anything past that, you're totally on MY network.

          Now I may have left a lemon tree on my lawn as a public web server, little kids go and pick my lemons all summer long. Since the lemon tree is just for looks, I don't care if they eat lemmons from my tree.

          Now one day, some teenagers come along, and they notice a window open
      • That's just silly. A house is assumed to be private, unless you see a "Garage Sale" or "Auction Today" sign in the front yard. On the Internet there is no front yard, and no sign, just the general assumption that a computer on the Internet is there to communicate over the Internet. As far as I'm concerned, putting a server on the Internet is an invitation to knock on its door and say hello.

        What if you had never heard of Yahoo? For example, you are from a country that just got Internet access. Yahoo is
      • Bad analogy. Bad bad bad bad bad bad bad BAD analogy.

        Anyways. For every single negative use of port scanning I can think of about 10 that would make my life hellish if I was without. Troubleshooting servers. Computer security. Filter testing. IPtable testing. etc. etc. etc.

        Quite often friends bug me for help with their servers, the first thing I do is nmap their machine. If said friend happens to live behind the Great Firewall of China, then I have problems, don't I?
    • This is nonsense. Port scanning is the TCP/IP equivalent or jiggling people's doorknobs to determine who forgot to lock the door. (Even worse, it's typically done en masse; you're jiggling every knob on every door in the house, sometimes for every house in the neighborhood . . .)

      Suppose I came to your house, found the door to be unlocked and decided to come in and take your stuff. Or if you object to me taking your stuff, let's say I just look around because I'm simply curious (i.e., the common "hacker

      • >Suppose I came to your house, found the door to be unlocked and decided to come in and take your stuff.

        No, suppose you came to my house and tried the doorknob. Full stop.

        Where you get the idea that burglarizing someone's home is the equivalent of Port Scanning, I have no clue. I'd hate to see what you compare cracking to. Genocide, perhaps?

      • No, it's your analogy with doorknobs that is nonsense. And there have already been several cases go through the courts where port scanning was found to not be illegal. There's a big difference between requesting a TCP connection be set up, and attempting to make (unauthorised) use of a service behind that TCP port.

      • So if I jiggle your doorknob, discover that it's open and phone you from my cell phone to tell you it's open, you're going to classify that as a bad thing (tm)?

        • Re:Port scanning is not a grey area... (Score:1, Interesting)

          by Anonymous Coward
          Unless you are a friend of mine, yes. Yes, it's a very bad thing. Next you'll be kicking my door to see if it's strong enough. If you are not invited, get off my property. My house has no public doors. My machine has no "public" ports. There are some open ports, but they are not intended for the public. Touching them is not a ethical thing to do. No gray area there.

          • Re:Port scanning is not a grey area... (Score:1, Insightful)

            by Anonymous Coward
            If you put a machine on the net, you just made all of your ports and services public. The internet is a public medium, not a private one.

      • Re:Port scanning is not a grey area... (Score:1, Insightful)

        by Anonymous Coward
        You are not comprehending the post you responded too. Let's face it, the internet is a public place, if you want privacy use a VPN or similar tools. This would require some knowledge, yes. Correcting your analogy, scanning ports is like jiggling doorknobs of *public* buildings, or window shopping. If it's supposed to be a private "door", well then, the owner had better make it so.
      • "Suppose I came to your house, found the door to be unlocked and decided to come in and take your stuff. Or if you object to me taking your stuff, let's say I just look around because I'm simply curious "

        Jiggling your door handle wouldn't be illegal, I think that's a poor analogy though. It's more like I'm looking at your house and counting the number of windows and doors. Actually walking through the door or crawling through the window is where the illegality lies.

        You are confusing port scanning an
    • Portscanning is annoyance for sysadmins...I regularly put IP's that scan my system into my firewall as permanently blocked...

      I don't care if I *do* have the ports blocked, I don't want you doing that...it's my system and you can stay out.
      • You have every right to block port scanners just as they have every right to scan your ports. It may be your system, but you have it hooked up to a public internet with a public IP address. You do not own either of those, and by using them you are entering a social contract. You can't tell people on the street not to look at you just because you're naked, or think staring is rude. You can only either go home where you have privacy, or put some clothes on.
  • Yemen blocks sex websites? Shocker. Now if only they could block sex spam, maybe it'd be worth moving there...

    --LP (j/k)

  • Tool (Score:4, Informative)

    by gmuslera ( 3436 ) on Wednesday March 19, 2003 @06:26PM (#5547704) Homepage Journal
    Knifes are a gray area too, because is used by killers to stab people. But also they are used by surgeons, to save lives, and for everyone else to eat, cut things and so on... so, they must be forbidden or not?

    Anyway, I think that the main use of port scanning today, in internet (to contrast with internal lans, where it have some useful applications, from security audits to automatic configuration of things), is to find vulnerabilities, and even for lawful tries, is recomended to ask permision or be with the knowledge of the the remote administrator. If the ICE don't ask permission to the remote administrator for the scanning, well, I think that the "gray" area is actually pretty dark.

    • When was the last time someone was murdered with a scalpel?

    • Re:Tool (Score:3, Informative)

      by unicron ( 20286 )
      That's a bad analogy. A better one is to say port scanning is like walking through a neighborhood trying doorknobs looking for an unlocked one.
    • Knifes are a gray area too, because is used by killers to stab people. But also they are used by surgeons, to save lives, and for everyone else to eat, cut things and so on... so, they must be forbidden or not?

      The distinction here is consent.

      If a surgeon cuts you without your consent, that's illegal. If you port scan me without my consent, that's no gray area.

      To get even more legalistic, there is implied consent. If I'm dying and can't give consent, cut away. If you are my ISP, scan away.

    • If the ICE don't ask permission to the remote administrator for the scanning, well, I think that the "gray" area is actually pretty dark.

      "Hey Fletch, how are you coming with that article?"
      "Well, there were sort of in a gray area"
      "How gray?"
      "ummm charcoal?"

  • Man the barricades (Score:5, Informative)

    by 1984 ( 56406 ) on Wednesday March 19, 2003 @06:26PM (#5547709)
    People get too excited about port scanning. They also get exciting about network mapping that looks like port scanning (try tracerouting a lot of hosts).

    Your ports will get scanned. Get over it. If it upsets you, look for ways to dump the traffic. Yes, it is an oft-used reconnaisance technique for profiling systems prior to attack. But if a portscan allows an attacker to mount a successful attack on the basis of finding open ports or a vulnerable OS, then your security is inadequate. It's your problem.

    No, I don't think portscanning is "nice", but really, folks, it isn't going to go away, and you should be thinking more realistically about the defensive measures necessary to protect your systems.
    • Portscanning on proxy ports is now very often done by spammers, who either send the spam through the proxy to the destination or through the proxy to an open relay. I know - I run a fake open relay and see it done very often.

      There are those who run fake open proxies that deceive the spammers. It's fine to call for defensive measures. Running an open proxy honeypot designed to snare spammers is a very good defensive measure.

  • Grey Area? (Score:5, Informative)

    by Daetrin ( 576516 ) on Wednesday March 19, 2003 @06:27PM (#5547724)
    Many consider port scanning a gray area, as it's often used by various hackers to find vulnerabilies that can be exploited.

    This sounds like the claims made by the RIAA and MPAA and others when they got the DMCA created. "Some of it could be used by some people to do something illegal, therefore we should make it all illegal." Clearly, as this program itself demonstrates, there are legitimate uses for port scanning, so i fail to see why the technique itself should be considred a "grey area."

  • Sniff my ports, please! (Score:5, Funny)

    by L. VeGas ( 580015 ) on Wednesday March 19, 2003 @06:29PM (#5547733) Homepage Journal
    It's about the only action I'm getting these days.

    thanks,
    HAL

  • Looks like a good idea. (Score:3, Insightful)

    by alizard ( 107678 ) <alizardNO@SPAMecis.com> on Wednesday March 19, 2003 @06:30PM (#5547744) Homepage
    On one hand, I don't see any other way to collect the information and regard it of value. I think finding out how network-based censorship is a good idea, especially if the responsible parties are lying about who it is applied to and how it is applied, which IMHO, is the *usual* situation. I believe that censorship is rarely, if ever applied for the benefit of the targets. The truth about this *should* be out there and available for the people clever enough to get past the censorship.

    On the other hand, it is taking network resources without asking permission and could conceivably even cause trouble for the network administrator or business or its customers.

    However, if the netadmin is competent, there's no problem because there won't be any open ports available to the outside for proxy use anyway. Moreover, it's exactly the incompetent sysadmin who leaves ports open who is responsible for the open relays that are used for the bulk of the spam that clogs our email boxes. If a sysadmin gets grilled for a week or two over his system's attempt to access "forbidden sites", perhaps this will teach him that it's time to lock down his system and if he doesn't know how to, find out NOW.

    This makes the program a good idea in any case. Anything that disproportionately hammers stupid sysadmins is a good thing, even if the sysadmin is the owner of a single box with a broadband connect that due to the usual end-user cluelessness, is 0wN3d by every script kiddie on the Net and whose bandwidth is mainly used to spread either trojans or spam.

  • I've always heard that port scanning is like checking to see if doors are unlocked. Its annoying but not illegal. However using the knowledge and breaking in.

    If people are that concerned then they can always reconfigure their firewall to only allow traffic to the ports that are meant to be open and drop the rest. Of course if they really want to get paranoid then they should look at fooling nmap [slashdot.org] (posted a couple of days ago)

    Rus

  • Port scanning (Score:5, Interesting)

    by Pxtl ( 151020 ) on Wednesday March 19, 2003 @06:31PM (#5547751) Homepage
    Really, what's so wrong about it? I mean, having a port open for use is like advertising a service. I think of a computer as a public office building - the kind dentists and lawyers work in - some doors are locked, various ones lead into offices. There is always a receptionist desk.

    So, you can go down the hall and find out what offices are open to public business. Some doors are locked, some the secretary says "no, we don't want any new customers" or "you have to go get a t124350892 slip from elsewhere before you see the doctor" or "yes, we're open for business".

    The admin is the security guard. If you don't want to be a security guard - lock the front door to the building. Any doors that contain offices that aren't for the public should be locked. Any doors that expect restricted traffic should be selective about who comes in.

    Just because OS's are designed cryptically, software is careless, and it requires way more knowledge then it should to hold down a computer doesn't mean port-scanning itself is unethical.

    In an ideal system, any server admin should be forced to see right on his main remote window what ports are open and what apps are running on them and what security is in place on each one. This should be on by default for any "dumb server" people plan to use. The problem is that there is that software is designed only for hardcores, and being used by people with a 5 page faq and the man pages. The user doens't see a nice UI showing him whats going on where, all he sees is a blinking white cursor. He knows he's installed a buttload of software, but has no clue what its doing. For efficiency's sake, the software is very cryptic, so he does not know what his machine is doing.

    Really - fearing port scanning is security through obscurity. While in time-critical apps like network gaming there is a certain appeal to trusting the users, but in regular serving there should be no doors left open.

    The solution to port-scanning isn't banning port-scanning, its making server boxen such that the admin knows what's going on.

  • Nothing to see here folks (Score:3, Insightful)

    by smylie ( 127178 ) <spam_me AT smylie DOT co DOT nz> on Wednesday March 19, 2003 @06:34PM (#5547780) Homepage
    From the article:
    "This to me is no different than hacking," said Jon Asdourian, a computer forensics examiner with Stroz-Friedberg. "They're obviously using resources that would not normally be available. Using someone else's resources without their knowledge is abhorrent to us."

    Thats just crap - if somebody leaves a proxy-server open to the world, they can hardly complain when *gasp* somebody uses it as a proxy server . . .

    And as somebody mentioned earlier, port scanning itself is not inherently wrong. Its people putting the information gained from port scanning to ill use that is wrong.

    It strikes me that there's some analogy to gun control here - port scanning doesn't root computers, hax0rs root computers . . .
    • And if you leave the keys in your car, you can hardly complain when *gasp* I take it downtown and sell it to a chopshop for 150 bucks.

      People make the analogy of port scanning being like testing doors to see if they're unlocked. And it's a good one. You aren't allowed to "test my door", or even walk up the path to it, without my permission. Because it's all my property. That "no solicitors" sign is there to prevent just that.

      Many open proxies are the result of previous hacks into the system. Many more
      • People make the analogy of port scanning being like testing doors to see if they're unlocked. And it's a good one. You aren't allowed to "test my door", or even walk up the path to it, without my permission. Because it's all my property. That "no solicitors" sign is there to prevent just that.

        I can't speak with authority on US or international law, but in NZ law (and presumably most of the rest of the commonwealth) you do have implied permission to come on anybodies property at any time. As long as your
        • It is not necessary to put up a "don't use my proxy" sign. When it comes to proxies, unless you are invited to use the proxy, you do not have permission.

          A proxy should not be confused with a public webserver, where it is reasonable to assume that the default is to allow public access. Your analogy of the open gate applies to normal webpages on my webserver. But using my proxy without my permission is the same as driving off in my car (although when someone comes to steal my car, I deliberately leave the k

          • It is not necessary to put up a "don't use my proxy" sign. When it comes to proxies, unless you are invited to use the proxy, you do not have permission.
            A proxy should not be confused with a public webserver, where it is reasonable to assume that the default is to allow public access. Your analogy of the open gate applies to normal webpages on my webserver.

            I disagree - if you do not want something to be available and usable by the public then you don't make it available and usable to the public.

            For ins

  • Riddle me this.... (Score:2, Interesting)

    by Anonymous Coward
    "This to me is no different than hacking," said Jon Asdourian, a computer forensics examiner with Stroz-Friedberg. "They're obviously using resources that would not normally be available. Using someone else's resources without their knowledge is abhorrent to us."

    So where do I find a list of ports i'm authorized to connect to and use services? What if I set up a web server, publically accessable, but meant for private use, with my entire cd collection ripped to ogg/mp3 - who is responsible if random people
    • Why do anonymous cowards not see a difference between accessing webpages on a site (a normal use of the internet which does not require prior permission), and using their proxy (something you shouldn't be doing without first being explicitly invited to).
      • How is access to port 80 any more "use of the internet" than access to any other port? "The Web" is not "The Internet".
  • Well "free speech"/"no censorship" may be a US law but certainly not a international law. And internet is a global thing which can not be governed by either a US law or an international law.
    In fact each country's local law will determine the fate of each packet that passes over h/w equipments stationed in that country. If that is unacceptable to some, tough luck, find another country to host the equipment
    Each country has its laws which may appear as censorships to others, this doesn't give the other coun

  • Doesn't scan ports... (Score:5, Informative)

    by Neutron Zenith ( 469745 ) on Wednesday March 19, 2003 @06:35PM (#5547791) Homepage
    According to their website:

    NOTE: This wired article is not exactly accurate.

    1. The ICE browser does not port scan anyone, it issues a request for a URL to a proxy server and returns the results to the user. There is no scanning of any kind.

    The process of scanning occurs when open, publicly accessible proxies are identified by researchers in the Citizen Lab. The only ports checked are 80, 8080, and 3128, no others.

    In many cases proxies are identified based on the fact that they are listed on websites that catalog lists of open, publicly accessible proxy servers. In such cases NO scanning is done.

    You can read the rest here [opennetinitiative.net].

  • Why isn't Australia on their list of selectable countries?

    Are they using some other kind of censorship than blocking certain sites?

    • Australia doesn't censor websites - they only tell people they do. (It keeps the conservatives happy. They'll never know, because they'll never check.)

      If you don't believe me, try finding the list of censored sites. OK, that list is censored, but as far as I can tell, that's it.

  • It's not exactly port scanning as most people think of it. They're looking for web proxy servers, which they can then use to see what web sites are visible to that system.

    The only ports they really need to check are 80, 1080, 8080 and maybe a couple of others that are in common use. Then they send an HTTP GET command to try to access some publicly visible system like Yahoo, or maybe the local government home page. If it works, they've found a proxy server. More often they get a 404 or some similar erro
  • This is a tremendous public service Slashdot is providing... by reposting [slashdot.org] old articles but slightly rewording them, perhaps at least one copy will make it past the filters!

  • Seeing as it is possible to to illicit a DoS or due to poor program design actualy crash applications with a simple port scanning then you have to question if its even a gray area, ie if you do damage its bad, if not your ok.

    Port scanning is akin to ringing somebodies phone and hanging up when they pick up. Fun, potentialy annoying, potentialy very annoying with regards to the target.

    The only people I portscan are people who appear in my firewall logs or friends with prior concent. Never throw the 1st

    • Seeing as it is possible to to illicit a DoS or due to poor program design actualy crash applications with a simple port scanning then you have to question if its even a gray area, ie if you do damage its bad, if not your ok.

      That is really a crock. If a program crashes because of data it receives from the network, it is buggy, and should be fixed. Unless the sender sends data with the intention to interfere with the scanned machine's operation, it is silly to blame the sender for damage. This is a commo

      • Just because you can fit a scredriver into a wallsocket means it was intended for such purposes. Not all applications are deemed buggy just becase to port scan crashes the application. There are many many forms of port scanning used today and some can casues problems/highlight unforseen issues both good and bad. For example there is one manufactures fault tolllerant clustering software that would crsh due to one form of port scanning. There's one WIFI (well a few actualy) that spit out there encryption
  • Hmmm, my country appears to make all the sites, that Slashdot links to, unreachable.

    An anti-nerd conspiracy?

  • Scanning is.. well, interesting. (Score:5, Funny)

    by pclminion ( 145572 ) on Wednesday March 19, 2003 @06:48PM (#5547866)
    I get hundreds of scans per day. I don't "take offense" at this or get my panties crunched over it. In fact, it's interesting to see what the latest "craze" is -- some weeks, the LPD port is really popular, other times it's port 1433 (sql slammer). A lot of the time I'm aware of a new vulnerability even before it's widely known, because I start seeing people hitting those ports.

    All my firewall events go into a DB, which I query daily. I have a set of reports showing things like average scans per second per host, most popular ports, most popular times of day, etc. If I see something incredibly suspicious I suppose I would try to investigate further -- but most of the time I just have a good time watching people bounce off my firewall.

    If you don't want people sending packets to various ports on your box, perhaps you should disconnect it from the Internet.

    • > All my firewall events go into a DB, which I query daily.

      You set that up yourself or use some tool? In the latter case, which one?
      • Alas it's a homebrew deal. I'm running syslog-ng which logs iptables firewall events to both a flat file and a FIFO. Sitting on the other side of the FIFO is a perl script which translates each log event into a SQL insert statement and pipes these statements into MySQL.

        It took only a few hours to set up and ensure everything was working right. I highly recommend that you use syslog-ng so that you can direct the logs to both a FIFO *and* a plain file. That way if the DB goes down it continues logging, and

  • They're going to get people hurt. *Physically* (Score:2, Insightful)

    by Anonymous Coward
    Do I understand this correctly? They're port-scanning for proxies *within totalitarian regimes* and then bouncing requests for *restricted material* off of those machines? What the hell happens when the totalitarian regime gets angry? All they see is a machine *in their country* repeated trying to access restricted information. They won't go beat up these "researchers" in Canada, they'll go beat up/arrest/jail/re-educate the poor sysadmin who doesn't know how to configure a proxy properly. That's just

  • Slashdot Blocked by US K12 (Score:2, Interesting)

    by Anonymous Coward
    Interesting that Slashdot is blocked by USA K12 even get a nice page saying it is blocked by their filtering policy. Reason for blocked is Thank you for your submission. Below please find a listing of the category (ies) in which your submitted URL appears. For a detailed description of each category, visit our filtering categories section. The Site: slashdot.org is categorized by N2H2 as: Profanity Message/Bulletin Boards
  • The ethics debate over port scanning are valid, and important. But this technique offers potentials for the world community that definately deserve our attention...

    By making this knowledge available to those who live in countries whose government censor internet access, they become empowered to bypass whatever censorship that's imposed on them. The government may block public proxy servers or sites that provide listings to them, but they can't stop someone from discovering proxy servers themselves!

    For t

  • Port scanning is in the same grey area that most other security-inclined activities are, because it's about intent -- a port scanner can be used for good or for evil. If I'm port scanning my own machine to make sure that no unauthorized ports are bound, that's certainly a legitimate operation. So even can be applications that would otherwise be purely malicious -- it's find to run a program to gobble up memory, eat CPU, or spawn processes crazily if I'm stress testing a machine. Even password crackers can

  • Where I work... (Score:2, Informative)

    by natet ( 158905 )
    Port scanning without authorization (and not just from the owner of the box) is grounds for termination. Only certain people who have completed special training are allowed to scan a box, even one not on site.

Slashdot Top Deals

Never ask two questions in a business letter. The reply will discuss the one you are least interested, and say nothing about the other.

Close