Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Port Scan #7165

Closed
cyberduck opened this issue Apr 16, 2013 · 1 comment
Closed

Port Scan #7165

cyberduck opened this issue Apr 16, 2013 · 1 comment
Labels
bug core thirdparty Issue caused by third party

Comments

@cyberduck
Copy link
Collaborator

5e4fc9a created the issue

First I apologize in advance, since I am not a networking expert. This issue has been reported by my webhost. It appears from the logs that every time I attempt to download (via drag & drop) from the host to my laptop using Cyberduck, that a port scan is performed. I researched Port Scan, and found that it is either a standard technique or indicative of an "attack". Either way, the webhost is disallowing this currently and blocking the IP.

I have don more research and another webhost has commented that many PC's are infected with port scanning software, and that the practice of blocking IP's is "overkill" and may not be warranted for a commercial server.

Having said that, is Cyberduck Port Scanning in "open new connection" or "use browser connection" modes, or at all? If so, is this standard practice or is it considered now "bad practice"? (If so then this may be a "bug".) If Cyberduck is not performing a "port scan" then some other software is detecting a download action (it appears from the logs, and I will look into this myself).

Either way, the host has currently define "port scan" as "bad" and auto-blocks the IP, which essentially prevents Cyberduck from functioning. So this is either a "overzealous webhost", "clever 3rd party malware which I cannot detect", or a "bug.

Actual Log of Event:

lfd.log:Apr 15 18:24:39 jdz3 lfd[25954]: *Port Scan* detected from 70.184.167.204 (US/United States/wsip-70-184-167-204.hr.hr.cox.net). 11 hits in the last 227 seconds - *Blocked in csf* for 3600 secs [PS_LIMIT]
@cyberduck
Copy link
Collaborator Author

@dkocher commented

No port scanning is done on opening a connection or browsing a remote server.

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug core thirdparty Issue caused by third party
Projects
None yet
Development

No branches or pull requests

1 participant