221 stories
·
1 follower

Endorheic Basin

1 Share
My biggest fear is that colonial engineers will try to flood me to generate electricity. My biggest hope is that I'll develop sailing stones.
Read the whole story
kclowers
13 days ago
reply
Seattle, WA, US
Share this story
Delete

Old Days 2

2 Shares
The git vehicle fleet eventually pivoted to selling ice cream, but some holdovers remain. If you flag down an ice cream truck and hand the driver a floppy disk, a few hours later you'll get an invite to a git repo.
Read the whole story
kclowers
14 days ago
reply
Seattle, WA, US
Share this story
Delete

Test a webcam from the command line on Linux with VLC

1 Share
Since this info was too well hidden on the internet, here is the information:

cvlc v4l2://
and there you go.
Read the whole story
kclowers
23 days ago
reply
Seattle, WA, US
Share this story
Delete

Eventual Consistency

1 Share
Later I'm going to get a head start on the heat bath.
Read the whole story
kclowers
35 days ago
reply
Seattle, WA, US
Share this story
Delete

mbmbam

1 Share
Hello and welcome to Millibar Millibarn Attometer, an advice show for the Planck era.
Read the whole story
kclowers
43 days ago
reply
Seattle, WA, US
Share this story
Delete

Websites Conducting Port Scans

3 Comments and 4 Shares

Security researcher Charlie Belmer is reporting that commercial websites such as eBay are conducting port scans of their visitors.

Looking at the list of ports they are scanning, they are looking for VNC services being run on the host, which is the same thing that was reported for bank sites. I marked out the ports and what they are known for (with a few blanks for ones I am unfamiliar with):

  • 5900: VNC
  • 5901: VNC port 2
  • 5902: VNC port 3
  • 5903: VNC port 4
  • 5279:
  • 3389: Windows remote desktop / RDP
  • 5931: Ammy Admin remote desktop
  • 5939:
  • 5944:
  • 5950: WinVNC
  • 6039: X window system
  • 6040: X window system
  • 63333: TrippLite power alert UPS
  • 7070: RealAudio

No one seems to know why:

I could not believe my eyes, but it was quickly reproduced by me (see below for my observation).

I surfed around to several sites, and found one more that does this (the citibank site, see below for my observation)

I further see, at least across ebay.com and citibank.com the same ports, in the same sequence getting scanned. That implies there may be a library in use across both sites that is doing this. (I have not debugged into the matter so far.)

The questions:

  • Is this port scanning "a thing" built into some standard fingerprinting or security library? (if so, which?)
  • Is there a plugin for firefox that can block such behavior? (or can such blocking be added to an existing plugin)?

I'm curious, too.

Read the whole story
kclowers
44 days ago
reply
Seattle, WA, US
Share this story
Delete
1 public comment
rtreborb
44 days ago
reply
Yikes.
San Antonio, TX
Next Page of Stories