undefined | Better HN

0 pointsasudosandwich6y ago0 comments

>> There are legitimate reasons for port scanning

Such as?

0 comments

8 comments · 3 top-level

bjt2n39046y ago· 4 in thread

You run a network, and want to run a security audit. You need to know what devices are operating on it, and what services they are offering.

I don't get upset if someone opens and closes a socket to my VPS to see if something's there. My VPS is exposed to the internet. If a socket opens, it should be secure anyways. There's the chance nginx has an unknown zero day, but if I wanted to avoid that, I'd firewall it.

Things are a little less nice if you open a socket and start sending data to see what's there, assuming the server doesn't respond with a banner.

pdonis6y ago

> You run a network

That might be a reason for you to port scan your network.

It is not a reason for your website to port scan my network. Especially since your website running inside my browser is inside my firewall.

> and want to run a security audit

Then you use tools designed to run security audits. You don't open a huge security hole in everybody's browser just so you can use a browser to run a security audit.

cgranier6y ago

But that's a very different use case than having a website you visit portscan your computer (which I believe is what the user above you is referring to.

There's really no legitimate reason for eBay, or any other website, to portscan your computer. There's nothing there needed for browsing their website.

jschwartzi6y ago

What about port scanning your service before you've secured it during development? At some point we have to be able to trust the network we're on. It's ludicrous to expect everything to be configured correctly and securely right from the start especially if you're developing the thing being scanned while it's being scanned. I'd much rather websites not be able to scan my home or office network than have to treat that network like I treat the Internet.

ohazi6y ago

> I don't get upset if someone opens and closes a socket to my VPS to see if something's there. My VPS is exposed to the internet.

That's not what's happening here.

My laptop is not exposed to the public internet because it's behind a firewall / NAT. This is like going to my house, plugging a device into an Ethernet port on my router, and scanning my internal network from inside my network.

Except instead of them planting a device, all they have to do is get you to navigate to their webpage. They're getting your laptop to do the port scanning for them, and in so doing, they get access to your internal network. The problem isn't port scanning, the problem is NAT busting.

jimmaswell6y ago· 1 in thread

IRC servers detect open proxies that way.

jorams6y ago

IRC servers don't run in a browser. Instead they scan ports from the outside, which is not a problem. Anything they find is open to the entire internet anyway.

iso16316y ago

Without context people might get the wrong end of the stick. There are legitimate reasons to use nmap on your own equipment, sure.

A port scanner running on a webpage without the users knowlege is never legitimate.

So the question is what legitimate reason is there for a port scanner running in a web browser with the users knowledge?

j / k navigate · click thread line to collapse