
Slashdot is Port Scanning Its Users - bado
http://soylentnews.org/article.pl?sid=14/04/09/1925245&amp;from=rss
======
cmdrtaco
This tactic has probably blocked a million bot posts over the years, so I
guess... Sorry... But not really sorry?

~~~
gburt
I don't understand all the huff on that forum about this. It pings to see if
you have some ports open. So what?

~~~
davidgerard
The "huff" is that this forum is the attempted community fork of Slashdot that
even less people care about.

------
precision
This is old news. Slashdot even did a story about this long ago. It seems
every couple years someone finds this and makes a mountain out of a mole hill.
If you're connected to the internet expect all kinds of random packets to be
tossed your way.

------
diminoten
I'm firmly in the "So what?" camp on this.

IRC servers have been known to do this as well, from time to time, as bot
mitigation.

~~~
korzun
Yup, if anything more web sites should be doing this.

------
thomble
This isn't anything new. Slashdot commenting used to trigger my IDS. This is
just an old and unnecessary way of approaching a problem, just like Slashdot
itself.

~~~
samstave
+1 Insightful.

------
Giraffenstein
The responses to this issue appear to fall into two groups: The first group
doesn't care, and the second group is apoplectic but is unable (or unwilling)
to explain _why._

------
eps
The issue is with _Slashcode_ that runs many sites including _Slashdot_ , its
birthplace.

~~~
justinator
Can you name another site that uses Slash?

~~~
davidgerard
Soylent News!

Really, Slashcode is just unbelievably horrible. I ran it myself. It's
stupidly fragile, you can break it by altering things in the interface and it
stores its weblogs in the MySQL database.

I eventually moved everything to WordPress and stopped wanting to STAB MYSELF
IN THE FACE REPEATEDLY whenever I wanted to make a post.

Slashcode is not my favourite CMS.

~~~
dylz
>stores its weblogs in the MySQL database

Can you explain this to me? this seems like exactly what wordpress does..?

~~~
patio11
I think he meant "a log of accesses to the website" rather than "a blog."
Those are often persisted on disk because they tend to get rather voluminous
and the questions one wants to ask of them rarely benefit from SQL.

------
z92
Why?

That question was asked now ~10 years back. The answer was: to check if the
submitter is using an random open proxy server from the net to bypass their IP
filter.

From the code

    
    
        # If we don't have an IP address, it can't be an open proxy.
    

And scanning commonly known proxy server ports.

    
    
        my $ports = $constants->{comments_portscan_ports} || '80 8080 8000 3128';

~~~
xtracto
Yeah, I remember reading the same discussion in Slashdot ten or more years go.
I also had the reason in the back of my head, thanks for reminding me :). This
is nothing new, really. I hope we don't get a submission about how some
contemporary CD's from Sony have a rootkit...

------
ntakasaki
I thought this was well known, and I think it only happens when someone tries
to submit a comment, so the title is slightly misleading. There is a
perceptible delay while trying to submit after a day or so, but it seems to
cache the result so it's faster if you comment again within the interval.

------
TazeTSchnitzel
I've never understood why port-scanning upset people anyway. Could someone
please explain that to me?

~~~
DanBC
"Goober with firewall".

Some users get a windows software firewall product. Those products have to
persuade users that the money was well spent, so they log everything and
sometimes alert too much. "WE PROTECTED YOU FROM 9,042 HOSTILE ATTEMPTS"
sounds better than "it's just Internet noise. Ignore it."

------
johnohara
I'm not sure what Slashdot actually is anymore. The titles of the entries
appear interesting at first, but when you read the associated articles, any
substantive content seems to vanish into thin air.

I'm still interested, it's just not that interesting.

~~~
dredmorbius
And this is different from much of the socially viral Web how?

I agree that Slashdot's lost its way and cachet, but substance is hardly
prominent across much of the Internet today.

~~~
gametheoretic
Agreed; nowadays anywhere you go, there's some snarky dude saying 'hardly'.

------
unreal37
Computers all over the world port-scan me all day every day, looking for
attack vectors. Not sure it's a issue worth committing Seppuku over.

------
drakaal
Stages of Open Source:

Run opensource so you can pour through the code and trust that it is secure by
finding the issues in the code.

Benefit from the masses of users also pouring through the code to make sure it
is safe.

Gain critical mass such that no security flaw goes undiscovered.

Grow complacent and assume all the other users are checking so you don't have.

Gain a large enough install base that malicious contributors add back doors
and other nastiness to the code base.

Have a bad thing happen.

Snap out of complacency and start taking security seriously again.

~~~
duskwuff
The process you're describing bears no relation whatsoever to the origin of
this code. It was written by Slashdot employees to solve a real operational
problem on Slashdot; see above for a comment from the man himself.

~~~
drakaal
And the masses should have said "that's a bad idea", but they didn't because
they grew complacent.

------
axanoeychron
Yes. This is known. It is to stop spam bots and to detect whether you are a
regular user and not a VPS.

------
davidgerard
Both of them are outraged.

------
sir_hopalot
I stopped clicking slashdot last year, whatever change they made on the mobile
template I ended up with a blank page 4 times out of 5. I got over it. Moved
on.

~~~
dfa0
Slashdot beta, a new redesign, is causing quite a stir these days amongst the
vocal majority.

------
antocv
Big deal, the internet is made for devices to connect to each other. So what
if they are trying to connect?

Tell me when they attempt a DOS or send funky packets.

------
mantrax4
So, I don't get what the fuss is about. It port scans users, and does nothing
interesting with it.

But on the other hand, we're talking about Slashdot. I've forgotten it exists.
Maybe that was the purpose of all the hot air.

