|
Posted by Chilly8 on January 10, 2008, 6:26 pm
If you were Registered and logged in, you could reply and use other advanced thread options
X-No-Archive: Yes
My proxy was found by script-kiddies, using port scanning, and is
now in a lot of public proxy lists. While I advertise my proxy
on my web site, I took great care to keep it OFF the myriad
of public proxy lists, so I would not show up in any proxy
blacklists. I thought that by keeping my proxy AWAY
from ports 80, 81, 1080, 3128, 8000, 8080, 8081, 8118,
or 9050, someone using proxy scanner would NOT find my
proxy. I always thought that the hacker toolz for that scanned
for open proxies would ONLY use those afforementioned
ports, and proxies on ports other than those, would NOT be
found by the script kiddies.
In the past hour or so, since my proxy appeared in some
of the major lists, my server is been JUMPING with
connections to my proxy, and many of them from
corporate addresses ALL OVER the United States
and Canada. From just ONE workplace, there have
been DOZENS of connections going to my Tor entry
proxy. I had 14 workers are one company, in New
Hampshire, connecting to my proxy at once. This one
company in NH that has a subscription online gaming
service has 6 active connections to my proxy right now,
as I am writing this. And these are INCOMING connections
from their network into my proxy. Since its a Tor proxy,
I don't know where the go beyond my machine, since
I am only a Tor entry proxy, which allows people from any
environment, where the machines are locked down, to
be able to get onto the Tor network, without having to
use the software. Anybody with an always-on connection
can do this. You just simply install the Tor software, and
configure it to be publicly accessible from anywhere in
the world, and, voila!, you have an entry point onto the
Tor network, allowing people to use Tor, without having
to install the software.
I cannot figure out how my proxy could be found through
scanning toolz, which I specifically keep it OFF the
ports that proxies typically use, so that I will NOT be scanned,
and appear in any of the proxy lists.
|
|
Posted by Walter Roberson on January 10, 2008, 6:46 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>In the past hour or so, since my proxy appeared in some
>of the major lists, my server is been JUMPING with
>connections to my proxy, and many of them from
>corporate addresses ALL OVER the United States
>and Canada. From just ONE workplace, there have
>been DOZENS of connections going to my Tor entry
>proxy. I had 14 workers are one company, in New
>Hampshire, connecting to my proxy at once. This one
>company in NH that has a subscription online gaming
>service has 6 active connections to my proxy right now,
>as I am writing this.
Based upon your Subject, you appear to be a bit annoyed at this
mass use of your system resources. If so, then you should not be,
since you have made it clear that you consider use of network
resources without specific authorization to be valid and justified
and not a crime or punishable as long as no password was broken.
It was, in your framework, your fault for failing to lock down your
access sufficiently, not anyone's fault for taking advantage of
that insufficiency.
|
|
Posted by Chilly8 on January 10, 2008, 7:08 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>>In the past hour or so, since my proxy appeared in some
>>of the major lists, my server is been JUMPING with
>>connections to my proxy, and many of them from
>>corporate addresses ALL OVER the United States
>>and Canada. From just ONE workplace, there have
>>been DOZENS of connections going to my Tor entry
>>proxy. I had 14 workers are one company, in New
>>Hampshire, connecting to my proxy at once. This one
>>company in NH that has a subscription online gaming
>>service has 6 active connections to my proxy right now,
>>as I am writing this.
>
> Based upon your Subject, you appear to be a bit annoyed at this
> mass use of your system resources. If so, then you should not be,
Its not that. Its the fact that I will likely be placed in the proxy
blacklists. The various proxy lists are where the blacklists are
compiled from, and I will likely be blocked at many corporations
within the next few days. The use of resources does not concern
me as much as the likelihood of getting added to proxy blacklists,
and being blocked on many corporate networks now. I had
far more than the load I have now, during Cyber Monday,
last November.
Like I say, its not the use of resources that gets me, its the
fact that I will appear on proxy blacklists, and be blocked,
the next time companies update their filtering lists.
|
|
Posted by Leythos on January 11, 2008, 6:50 am
If you were Registered and logged in, you could reply and use other advanced thread options > Its the fact that I will likely be placed in the proxy
> blacklists. The various proxy lists are where the blacklists are
> compiled from, and I will likely be blocked at many corporations
> within the next few days.
LOL, and you were already blocked by most corporations, as most of them
have properly secured networks.
So, for the numbers of companies that use block lists, you will now show
up on theirs too, but the sad part is that many companies don't lock
down their networks well enough.
I hope that the group that found you continues to scan for your services
(not that they care about you actually) and post it in block lists.
Network admins have a right to block content from their networks, and
you content is the best type to block.
--
Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)
|
|
Posted by Chilly8 on January 11, 2008, 12:12 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>> Its the fact that I will likely be placed in the proxy
>> blacklists. The various proxy lists are where the blacklists are
>> compiled from, and I will likely be blocked at many corporations
>> within the next few days.
>
> LOL, and you were already blocked by most corporations, as most of them
> have properly secured networks.
>
> So, for the numbers of companies that use block lists, you will now show
> up on theirs too, but the sad part is that many companies don't lock
> down their networks well enough.
I know that block lists are based on what shows up in the proxy
lists. If I turn off my proxy for a few days, I will dissappear
from the proxy lists, and will, hence, be dropped from the
proxy blacklists, since they go on what are on the various
lists of open proxies all over the Net.
It was interesting to see what addresses people are connecting
to. I must say people from corporate addresses were connecting
to a variety of sites. A lot of people were connecting to MySpace
from work. People were connecting to dating sites from work.
It seems that eHarmony is surfed from work quite a bit.
But the biggest surprise, from Australian workplaces, was
just how many people were coming through my proxy to
watch the O'Reilly Factor, from work, through the TVU
P2P television service. The boss would know that
someone was comsuming 300K of bandwidth from ]
my proxy, but he or she would NEVER figure out that
someone was watching Bill O'Reilly from work,during
the Australian workday. The times he comes oncorrespond
to the working hours in Australia, and these employers
whose networks were being used to watch O'Reilly will
NEVER know what was going on.
|
| Similar Threads | Posted | | Port 3060? What in the hell is going on? | November 30, 2004, 12:27 pm |
| Need to find a woman? Look here! th[n?#7 | February 13, 2005, 4:54 pm |
| Who's Trying to Get In Your Computer? Find Out! | April 27, 2005, 7:12 pm |
| Re: Anybody find SuperDuper 2.1.4 serial? | August 4, 2007, 11:17 am |
| Find vulnerabilities in your windows before hackers | April 22, 2008, 2:34 am |
| AtGuard - I find it works fine with XP Home. | December 26, 2005, 9:30 am |
| NIS 2004: Find & delete user-added rule | February 13, 2005, 11:20 pm |
| How do I find the firewall on my computer, to disable it and install HP printer? | July 28, 2006, 12:21 pm |
| find out why ingoing traffic meter completely full | May 19, 2007, 8:32 am |
| Norton Internet Security doesnt find correct profile | January 27, 2005, 1:37 pm |
|
XML site map