News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • eBay is port scanning your system

    Posted on Alex5723 Comment on the AskWoody Lounge

    Home Forums Code Red – Security/Privacy advisories eBay is port scanning your system

    Viewing 4 reply threads
    • Author
      Posts
      • #2265561 Reply
        Alex5723
        AskWoody Plus

        eBay is port scanning your system when you load the webpage

        Have you been to eBay lately? The auction site is a popular destination to buy new and used items. It may surprise you that eBay is running a local port scan when you access the site in a browser…

      • #2265570 Reply
        Kirsty
        Da Boss

        I was alarmed by your topic title, “eBay is port scanning your system”, which is not what @martinbrinkmann wrote in his article. It’s not port scanning my system, because I don’t load their webpage. Also, as I have JS enabled site by site, it would be highly unlikely even if I had loaded their webpage.

        If I had loaded their webpage, it could be… but that’s a qualifier that was much missed in the arguably alarmist title.

        From your linked article by Martin:

        What you may do about it
        If you don’t want your systems to be port scanned by eBay whenever you connect to the site, you may be able to do something about it.

        Block the check.js script in a content blocker.
        In some browsers, e.g. Firefox, disable Web Sockets.
        The eBay site loads the check.js script from the following URL currently: https://src.ebay-us.com/fp/check.js

        Something like ||src.ebay-us.com^*/check.js should work.

        The URL may change and it is different when you connect to localized eBay sites, e.g. eBay.de.

        The other option, to disable WebSockets entirely, may lead to incompatibilities and loading issues on sites. Still, it is possible in Firefox by setting the parameter network.websocket.max-connections to 0.

        3 users thanked author for this post.
      • #2265593 Reply
        Alex5723
        AskWoody Plus

        What you may do about it

        Both remedies are worse then the disease.
        In the first quarter of 2020, eBay reached 174 million active buyers worldwide

        How many use Firefox and how many use NoScript…?

        I think Ebay’s port scanning is alarming as we don’t know what lies behind the scan.

      • #2265789 Reply
        GoneToPlaid
        AskWoody Plus

        Yes, Ebay is doing this since vulnerabilities exist in either older or current versions of the software for which ports they are scanning for. It is easy to remotely hack older or perhaps current versions of programs which have the associated open ports which Ebay is scanning for.

        Ebay’s port scanning is no different from bona fide security researchers who scan the Internet for computers which have open ports and which have older and non-secure software installed. I see this legitimate activity all the time in my AV and router logs.

        The upshot is that I am glad that Ebay is scanning my computer’s ports, and perhaps running test scripts, in order to determine if I have older and vulnerable versions of programs such as RealVNC or TeamViewer installed on my computer, or whether or not my computer’s Win7 OS is updated in order to prevent the Remote Desktop vulnerability. Why? Because Ebay is inextricably linked to Paypal, which is the bread and butter at the heart of Ebay and which in every way operates as a bank yet is not a bank.

        If Paypal ever suffered a data breach, then that would be devastatingly bad for Ebay. I figure that this is why Ebay is proactively performing port scans, in order to protect consumers —  and themselves.

        • #2265898 Reply
          Paul T
          AskWoody MVP

          Do you have evidence for your theory?

          cheers, Paul

      • #2266105 Reply
        johnf
        AskWoody Lounger

        This won’t affect you if you’ve taken the proper steps…block all non essential ports at the router, as well as your local firewall. You can google instructions for configuring your router and your PC firewall on the web, and check for open ports here .

        • This reply was modified 1 month, 1 week ago by johnf.
    Viewing 4 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: eBay is port scanning your system

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.