{"id":232063,"date":"2020-05-25T01:27:50","date_gmt":"2020-05-24T23:27:50","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=232063"},"modified":"2020-05-25T19:27:37","modified_gmt":"2020-05-25T17:27:37","slug":"ebay-seite-macht-beim-besuch-einen-port-scan","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2020\/05\/25\/ebay-seite-macht-beim-besuch-einen-port-scan\/","title":{"rendered":"eBay-Seite macht beim Besuch einen Port-Scan"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Stop.jpg\" align=\"left\" \/>[<a href=\"https:\/\/borncity.com\/win\/2020\/05\/25\/ebay-scans-your-clients-ports-during-visit-of-their-site\/\" target=\"_blank\" rel=\"noopener noreferrer\">English<\/a>]Wie es ausschaut, f\u00fchrt eBay einen Port-Scan auf den Clients seiner Besucher aus, sobald diese im Browser die Webseite ebay.com abrufen.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg04.met.vgwort.de\/na\/b24c9c1c51b14f8db2000da896ef814e\" alt=\"\" width=\"1\" height=\"1\" \/>Das Thema poppt seit einigen Stunden auf Twitter von verschiedenen Leuten auf. Hier eine Meldung von einem Nutzer.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Yep. eBay \"scans\" your computer using browser websockets after you login, looking for specific ports.<br \/>\nI see ports typically used by RDP, VNC, remote access\/control. 14 were probed.<\/p>\n<p>They'll probably say it's for *my* safety.<br \/>\nNot cool, eBay. Not cool. <a href=\"https:\/\/t.co\/BJQlxmkqbS\">pic.twitter.com\/BJQlxmkqbS<\/a><\/p>\n<p>\u2014 B:\\a.zza (@mcbazza) <a href=\"https:\/\/twitter.com\/mcbazza\/status\/1264551898473955328?ref_src=twsrc%5Etfw\">May 24, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In Folgetweets werden weiteres Details offen gelegt. Jack Rhysider ist das ebenfalls im Edge-Browser aufgefallen, wie er in nachfolgendem Tweet ausf\u00fchrt.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">If this had conducted a full port scan on my internal network and reported the results to eBay, is that illegal? This is not portscanning the internet, it's port scanning my computer, which is behind a firewall in my home. Is that illegal? Probably not but it's at the line.<br \/>\n2\/5<\/p>\n<p>\u2014 Jack Rhysider (@JackRhysider) <a href=\"https:\/\/twitter.com\/JackRhysider\/status\/1264415921919029248?ref_src=twsrc%5Etfw\">May 24, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Obwohl er eine Firewall benutzt, wird lokal im Browser ein PortScan durchgef\u00fchrt und das Ergebnis an eBay \u00fcbertragen. Findet er nicht lustig. Rhysider\u00a0 diskutiert den Fall weiter auf Twitter. Eine richtige Erkl\u00e4rung f\u00fcr diesen Sachverhalt hat eigentlich keiner.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">eBay port scans visitors' computers for remote support tools &#8211; <a href=\"https:\/\/twitter.com\/LawrenceAbrams?ref_src=twsrc%5Etfw\">@LawrenceAbrams<\/a><a href=\"https:\/\/t.co\/Lo5q5Vr6Rc\">https:\/\/t.co\/Lo5q5Vr6Rc<\/a><\/p>\n<p>\u2014 BleepingComputer (@BleepinComputer) <a href=\"https:\/\/twitter.com\/BleepinComputer\/status\/1264622400441856002?ref_src=twsrc%5Etfw\">May 24, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Bleeping Computer hat das Ganze aufgegriffen und in dem in obigem Tweet verlinkten Artikel ver\u00f6ffentlicht.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">All of these ports are related to remote support\/remote access applications that allow you to take over a computer. There was only one port, 63333, that we could not identify. <a href=\"https:\/\/t.co\/3pRMirgn5P\">pic.twitter.com\/3pRMirgn5P<\/a><\/p>\n<p>\u2014 BleepingComputer (@BleepinComputer) <a href=\"https:\/\/twitter.com\/BleepinComputer\/status\/1264624823537369088?ref_src=twsrc%5Etfw\">May 24, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Es wird vermutet, dass kompromittierte Rechner \u00fcber diesen Scan aufgesp\u00fcrt werden sollen. Details lassen sich im verlinkten Bleeping Computer-Beitrag nachlesen. <strong>Erg\u00e4nzung:<\/strong> Es gibt noch einen e<a href=\"https:\/\/nullsweep.com\/why-is-this-website-port-scanning-me\/\" target=\"_blank\" rel=\"noopener noreferrer\">nglischsprachigen Blog-Beitrag<\/a> zum Thema. Und es scheint, als ob die Kollegen bei heise den obigen Beitrag zum Anlass genommen haben, das Thema <a href=\"https:\/\/www.heise.de\/news\/ebay-begruesst-einige-Nutzer-mit-heimlichem-Portscan-4728010.html\" target=\"_blank\" rel=\"noopener noreferrer\">hier aufzubereiten<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Wie es ausschaut, f\u00fchrt eBay einen Port-Scan auf den Clients seiner Besucher aus, sobald diese im Browser die Webseite ebay.com abrufen.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[908],"tags":[4338,4328],"class_list":["post-232063","post","type-post","status-publish","format-standard","hentry","category-internet","tag-internet","tag-sicherheit"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/232063","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=232063"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/232063\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=232063"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=232063"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=232063"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}