HOW in the HELL did they FIND me?
in [Firewalls]
|
Prev: Online Armor Firewall?
Next: Firewall basics
From: Chilly8 on 10 Jan 2008 18:26 X-No-Archive: Yes My proxy was found by script-kiddies, using port scanning, and is now in a lot of public proxy lists. While I advertise my proxy on my web site, I took great care to keep it OFF the myriad of public proxy lists, so I would not show up in any proxy blacklists. I thought that by keeping my proxy AWAY from ports 80, 81, 1080, 3128, 8000, 8080, 8081, 8118, or 9050, someone using proxy scanner would NOT find my proxy. I always thought that the hacker toolz for that scanned for open proxies would ONLY use those afforementioned ports, and proxies on ports other than those, would NOT be found by the script kiddies. In the past hour or so, since my proxy appeared in some of the major lists, my server is been JUMPING with connections to my proxy, and many of them from corporate addresses ALL OVER the United States and Canada. From just ONE workplace, there have been DOZENS of connections going to my Tor entry proxy. I had 14 workers are one company, in New Hampshire, connecting to my proxy at once. This one company in NH that has a subscription online gaming service has 6 active connections to my proxy right now, as I am writing this. And these are INCOMING connections from their network into my proxy. Since its a Tor proxy, I don't know where the go beyond my machine, since I am only a Tor entry proxy, which allows people from any environment, where the machines are locked down, to be able to get onto the Tor network, without having to use the software. Anybody with an always-on connection can do this. You just simply install the Tor software, and configure it to be publicly accessible from anywhere in the world, and, voila!, you have an entry point onto the Tor network, allowing people to use Tor, without having to install the software. I cannot figure out how my proxy could be found through scanning toolz, which I specifically keep it OFF the ports that proxies typically use, so that I will NOT be scanned, and appear in any of the proxy lists.
From: Walter Roberson on 10 Jan 2008 18:46 In article <fm69ig$mil$1(a)aioe.org>, Chilly8 <chilly8(a)hotmail.com> wrote: >In the past hour or so, since my proxy appeared in some >of the major lists, my server is been JUMPING with >connections to my proxy, and many of them from >corporate addresses ALL OVER the United States >and Canada. From just ONE workplace, there have >been DOZENS of connections going to my Tor entry >proxy. I had 14 workers are one company, in New >Hampshire, connecting to my proxy at once. This one >company in NH that has a subscription online gaming >service has 6 active connections to my proxy right now, >as I am writing this. Based upon your Subject, you appear to be a bit annoyed at this mass use of your system resources. If so, then you should not be, since you have made it clear that you consider use of network resources without specific authorization to be valid and justified and not a crime or punishable as long as no password was broken. It was, in your framework, your fault for failing to lock down your access sufficiently, not anyone's fault for taking advantage of that insufficiency.
From: Chilly8 on 10 Jan 2008 19:08 X-No-Archive: Yes "Walter Roberson" <roberson(a)hushmail.com> wrote in message news:Q7yhj.50232$EA5.15819(a)pd7urf2no... > In article <fm69ig$mil$1(a)aioe.org>, Chilly8 <chilly8(a)hotmail.com> wrote: >>In the past hour or so, since my proxy appeared in some >>of the major lists, my server is been JUMPING with >>connections to my proxy, and many of them from >>corporate addresses ALL OVER the United States >>and Canada. From just ONE workplace, there have >>been DOZENS of connections going to my Tor entry >>proxy. I had 14 workers are one company, in New >>Hampshire, connecting to my proxy at once. This one >>company in NH that has a subscription online gaming >>service has 6 active connections to my proxy right now, >>as I am writing this. > > Based upon your Subject, you appear to be a bit annoyed at this > mass use of your system resources. If so, then you should not be, Its not that. Its the fact that I will likely be placed in the proxy blacklists. The various proxy lists are where the blacklists are compiled from, and I will likely be blocked at many corporations within the next few days. The use of resources does not concern me as much as the likelihood of getting added to proxy blacklists, and being blocked on many corporate networks now. I had far more than the load I have now, during Cyber Monday, last November. Like I say, its not the use of resources that gets me, its the fact that I will appear on proxy blacklists, and be blocked, the next time companies update their filtering lists.
From: Flash Gordon on 10 Jan 2008 19:38 Walter Roberson wrote, On 10/01/08 23:46: > In article <fm69ig$mil$1(a)aioe.org>, Chilly8 <chilly8(a)hotmail.com> wrote: >> In the past hour or so, since my proxy appeared in some >> of the major lists, my server is been JUMPING with >> connections to my proxy, and many of them from <snip? > Based upon your Subject, you appear to be a bit annoyed at this > mass use of your system resources. If so, then you should not be, > since you have made it clear that you consider use of network > resources without specific authorization to be valid and justified > and not a crime or punishable as long as no password was broken. > It was, in your framework, your fault for failing to lock down your > access sufficiently, not anyone's fault for taking advantage of > that insufficiency. Well, I hope it ups Chilly's internet charges. -- Flash Gordon
From: Chris Davies on 10 Jan 2008 19:16
Chilly8 <chilly8(a)hotmail.com> wrote: > My proxy was found by script-kiddies, using port scanning, and is > now in a lot of public proxy lists. Tough. > I thought that by keeping my proxy AWAY from ports 80, 81, 1080, 3128, > 8000, 8080, 8081, 8118, or 9050, someone using proxy scanner would > NOT find my proxy. Well now you know it's not true, don't you. > I am only a Tor entry proxy, which allows people from any > environment, where the machines are locked down, to > be able to get onto the Tor network [...] You're complaining about people (mis)using your connection's resources when you actively enable other people to misuse their (corporate) resources? Doesn't that strike you as a little, um, hypocritical? Chris |