Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 15 May 1999 22:18:05 -0600
From:      Wes Peters <wes@softweyr.com>
To:        Harold Gutch <logix@foobar.franken.de>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: network scan?
Message-ID:  <373E46FD.72E41F3F@softweyr.com>
References:  <Pine.OSF.4.10.9905131211500.1222-100000@bragg> <19990515204158.C390F1F58@spinner.netplex.com.au> <19990516042657.A28280@foobar.franken.de>
next in thread | previous in thread | raw e-mail | index | archive | help 
Harold Gutch wrote:
> 
> On Sun, May 16, 1999 at 04:41:56AM +0800, Peter Wemm wrote:
> > Kris Kennaway wrote:
> > > On Wed, 12 May 1999, Matthew Dillon wrote:
> > >
> > > > :May 12 18:42:24 server /kernel: ipfw: 26000 Deny TCP 202.38.248.205:4359
> > > > :a.b.c.1:1080 in via ed0
> > > > :...
> > > >
> > > >     I get this all the time from people scanning for netbios.  I
> > > >     usually just ignore them.  If I'm in a bad mood I send a nasty gram
> > > >     to the originating network.
> > >
> > > In this case they're looking for an open SOCKS proxy (so they can use it to
> >
> > In this particular case, it's a site in China.  They have a heavily
> > censored internet gateway, and I see lots of probes from china (and other
> > areas in Asia that have enforced proxy use and heavily censored feeds)
> > looking for *:1080 (socks), *:3128 (squid) and *:8080 (squid and/or other
> > proxies including netscape).  They are scanning for relays to bounce
> > connections off to bypass the censored feed.
> >
> Just to make sure I'm getting this right - you're saying China
> has a censored internet gateway (i.e. blocking *something* [what
> exactly ?] ), but they do allow connections to ports 1080, 3128
> and 8080 ?

They block access to sites, not to ports.  In particular, sites that
carry capitalist misinformation, or what we in the free world call
"news."

-- 
       "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                 Softweyr LLC
http://www.softweyr.com/~softweyr                      wes@softweyr.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?373E46FD.72E41F3F>