[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ProgSoc] port scanning, mapping, and hiding
From: jedd <email@example.com>
Send reply to: firstname.lastname@example.org
Organization: Barely Organised
To: ProgSoc <email@example.com>
Subject: [ProgSoc] port scanning, mapping, and hiding
Date sent: Sat, 20 May 2000 16:46:39 +1000
Forwarded by: firstname.lastname@example.org
Date forwarded: Sat, 20 May 2000 16:11:20 +1000
I've got O@nospam.H installed over a month ago and I havn't had a serious problem related to my setup (a bunch of win98/win2k machines running through a masqueraded linux box).
> I'm about to get Optus@nospam.Home installed (woo woo!), but was
> a wee bit disturbed at the hard-word they laid on during the
> registration process. Apart from the obvious things they're
> scared of (real operating systems, PC's made before 1999,
> purple iMacs, etc) .. they made it quite clear that if the tech,
> when they came out to do the install, found any trace of a
> network, they'd walk out the door.
They never said anything along those lines to me. I even told them that I wanted to install it as a shared connection. The techs that installed the modem and cable want to install it on a win9x or mac machine. But after that, they couldn't care less what I did (they even wished me good luck to getting it working under linux).
> Since I actually do want 1990's quality connectivity to the
> net, I assured them I was running Win95, and didn't know
> what they meant by the word 'network', yadda yadda. And
> when the tech comes, that's what she'll find. But .. some
> questions, in part at anyone who already has email@example.com.
> Is it within the AUP to fiddle with port-scanning from ftoomsh
> to my machine thru the ZIP network, say? I'd be doing it
> specifically to my IP address -- with the sole purpose of
> ensuring that my linux box looks a lot less smart than it really is.
I think thats completely within your rights (the words "port" and "scan" don't exist in the AUP).
> If so, what tools are good / allowable / user-level-runnable,
> from ftoomsh (or elsewhere on progsoc machines) to do this
> kind of portscanning?
There is a web based port scanner avaliable here:
It's pretty limited, but it is free.
> Is anyone between progsoc.uts.edu.au and the .zipworld.com.au
> domains going to be monitoring / likely to get shirty / etc?
I doubt anyone is going to care about a simple port scan. It's probably not a good idea to probe above port 1500 though, there's very rarely anything up there, so you're just wasting your time.
> How legally <speculative> binding is it for a company to provide
> a service that prohibits you from utilising an alternative operating
> system, at some point in the future. I mean - where does their
> service stop, and my property / responsibility start?
I don't think Optus can take the service away from you simply because you have the modem attached to a linux box. But i'm not 100% sure of the legal mumbo-jumbo in that area.
> For anyone that's been thru this process, how much trace-removal
> do I need to do from the win95 box? Obviously, network card
> goes, mapped drive letters go, etc .. but there's still going to be
> the occasional reference on the day, I'm sure, hidden in the registry.
> Are they likely to check this kind of thing? <paranoid>
> I didn't want to ask them on the phone, in case I got a black mark
> against my virtual name, but I'm curious what theirs (and Telstra's)
> solution is for households that have two people that want to use
> the net at the same time. Or for households where two computers
> are hooked up purely for the purpose of playing Quake, say.
Use some form of NAT/proxy server (or both) on the machine thats physically connected (I have a friend that is using an NT4.0 box as a NAT/proxy server). So long as you don't occupy lots of bandwidth, they probably won't notice or care.
Optus is most concerned with people setting up web/ftp servers on a cable modem (which is why they explicitly say that you can't in their AUP). Two people playing quake on a single connection will definately flood your narrow (128-160kb/s) upstream connection.
> Murray posted a URL a while ago (http://metrak.com/OaH/OaH-Linux.html
> that covers the dhcpd / eth0 & 1 configuration stuff -- but doesn't
> touch on the port hiding / dodging aspects. Does anyone have some
> documentation on this -- not just using portmap to hide everything,
> but (a la www.microsoft.com and apache ;) modifying some apps to return
> the kinds of responses down different ports that you'd expect Win9x to do.
> (Is this kind of preparation even likely to be useful / necessary?)
Apparently, the port scans that Optus do come from the 203.164.1.xxx subnet. My linux box blocks all connections from that subnet to http/ftp/telnet ports (these are the services i'm running). Thats about the extent of my precautions, except from having the finger port trigger a system log entry.
Check out the "ipchains-HOWTO" file and this link for more help on firewalling:
I would say that making the linux box look like a windows box is too much hard work and not really necessary. Optus will complain if they find a web server running on your computer one way or the other.
> Note that I don't want to actually serve anything, or even run something
> as harmless as smtp out from the box .. I just don't want to have to
> dial-up to the net, concurrently, just so my flatmate and I can both read
> our mail at the same time.
this might be relevant:
8.5. You may not run network services or provide network services to others via the Optus@nospam.Home residential service. The use of a Local Area Network (LAN) for personal use is permitted. The Optus@nospam.Home residential service includes personal WebSpace accounts for publishing personal web pages. Examples of prohibited use include, but are not limited to, providing network services for e- mail, http, ftp, irc, dhcp or multi-user interactive forums.
The way I read this, you can share the connection within your house for private use only. You are not allowed to set up any network services at all.
- You are subscribed to the progsoc mailing list. To unsubscribe, send a message containing "unsubscribe" to firstname.lastname@example.org. If you are having trouble, ask email@example.com for help.