Slashdot Mirror
Anti-Censorship Efforts And Port Scanning
scubacuda writes "According to Wired, the University of Toronto's Internet Censorship Explorer permits people test the limits of national and organizational Internet-blocking schemes. Users enter a target URL (and a country), and the software then scans the ports of available servers in that country, looking for open ones to connect on from behind that country's firewall. Many consider port scanning a gray area, as it's often used by various hackers to find vulnerabilies that can be exploited."
Really, what's so wrong about it? I mean, having a port open for use is like advertising a service. I think of a computer as a public office building - the kind dentists and lawyers work in - some doors are locked, various ones lead into offices. There is always a receptionist desk.
So, you can go down the hall and find out what offices are open to public business. Some doors are locked, some the secretary says "no, we don't want any new customers" or "you have to go get a t124350892 slip from elsewhere before you see the doctor" or "yes, we're open for business".
The admin is the security guard. If you don't want to be a security guard - lock the front door to the building. Any doors that contain offices that aren't for the public should be locked. Any doors that expect restricted traffic should be selective about who comes in.
Just because OS's are designed cryptically, software is careless, and it requires way more knowledge then it should to hold down a computer doesn't mean port-scanning itself is unethical.
In an ideal system, any server admin should be forced to see right on his main remote window what ports are open and what apps are running on them and what security is in place on each one. This should be on by default for any "dumb server" people plan to use. The problem is that there is that software is designed only for hardcores, and being used by people with a 5 page faq and the man pages. The user doens't see a nice UI showing him whats going on where, all he sees is a blinking white cursor. He knows he's installed a buttload of software, but has no clue what its doing. For efficiency's sake, the software is very cryptic, so he does not know what his machine is doing.
Really - fearing port scanning is security through obscurity. While in time-critical apps like network gaming there is a certain appeal to trusting the users, but in regular serving there should be no doors left open.
The solution to port-scanning isn't banning port-scanning, its making server boxen such that the admin knows what's going on.
"This to me is no different than hacking," said Jon Asdourian, a computer forensics examiner with Stroz-Friedberg. "They're obviously using resources that would not normally be available. Using someone else's resources without their knowledge is abhorrent to us."
So where do I find a list of ports i'm authorized to connect to and use services? What if I set up a web server, publically accessable, but meant for private use, with my entire cd collection ripped to ogg/mp3 - who is responsible if random people start downloading the archive and I get taken to court by the RIAA?
If you come to my house and try all the doors to see what's open to the general public, you'll probably get shot or at least get to see how well your head is capable of decelerating a baseball bat.
Why? It's not polite, and rude people get treated rudely.
Why isn't Australia on their list of selectable countries?
Are they using some other kind of censorship than blocking certain sites?
How small a thought it takes to fill a whole life
Unless you are a friend of mine, yes. Yes, it's a very bad thing. Next you'll be kicking my door to see if it's strong enough. If you are not invited, get off my property. My house has no public doors. My machine has no "public" ports. There are some open ports, but they are not intended for the public. Touching them is not a ethical thing to do. No gray area there.
People make the analogy of port scanning being like testing doors to see if they're unlocked. And it's a good one. You aren't allowed to "test my door", or even walk up the path to it, without my permission. Because it's all my property. That "no solicitors" sign is there to prevent just that.
.
I can't speak with authority on US or international law, but in NZ law (and presumably most of the rest of the commonwealth) you do have implied permission to come on anybodies property at any time. As long as your gate is open, it is legal for anyone to come up your path and knock on your front door until you have let them know otherwise - either by putting up a sign - "No Trespassers", or by telling them to leave your property. After that, then it becomes it illegal for them to be on your land. At this point you can take reasonable steps to remove them.
It's nonsense to say that people don't have an implied right to come onto your land as people do it all the time - neighbours, friends, charity workers, lost people looking for a phone, policeman *cough*, etc etc. . .
However, this is another analogy that falls down, as there is no universally accepted way to put up a sign on a computer saying "Don't use my proxy server" - one can only assume that if its open, its open to be used. If it wasn't meant to be used then it should be closed (much like a gate).
Interesting that Slashdot is blocked by USA K12 even get a nice page saying it is blocked by their filtering policy. Reason for blocked is Thank you for your submission. Below please find a listing of the category (ies) in which your submitted URL appears. For a detailed description of each category, visit our filtering categories section. The Site: slashdot.org is categorized by N2H2 as: Profanity Message/Bulletin Boards