LinuxQuestions.org


SethJ 08-31-2016 08:07 AM

Tails Site is 'Port Scanning' Computers that download 'Tails.iso' !!! ???
 
I have been looking at 'Tails' to try and understand Tor etc
(No real need just I like to know about things. :) )

I noticed that if I followed the instructions to download the Tails.ISO, I received a 'Port Scan' from their site address !!!

Attack: Port Scan Attack: IN=ppp1.1 OUT=n/a MAC= SRC=204.13.164.188 DST=xxx.xxx.xxx.xxx LEN=93 TOS=0x00 PREC=0x80 TTL=45 DF PROTO=TCP SPT=443 DPT=49205 WINDOW=980 RES=0x00 ACK PSH URGP=0 MARK=0x8000000


I have verified this by asking a friend to run an .ISO download from their PC and got the same result. !!!

Questions:

Why is the Tails site running port scans on downloaders' PCs etc ?

How does this justify any trust in the Tails setup ?

Is this deliberate or has the site been hacked in some way ?


I look forward to any response.

BTW: I did send a message to tails-support-private@boum.org but have had no reply.

ondoho 08-31-2016 11:19 AM

where is this info coming from? the red stuff?
why do you think it comes from "Our" site address (i assume you mean linuxquestions.org)???
i see no indication of that.
the ip 204.13.164.188 is boum.org.

SethJ 08-31-2016 01:53 PM

ondoho,

You have mis-read the post. :confused:

The Thread title says 'Tails Site'.
If you look up the address in the message in red it equates to the tails.boum.org site.

The message in red is from my IDS software.

I was hoping to get a message to the tails.boum.org support people via anyone who reads this thread.
As stated my direct e-mail has not been answered. !!!!

Ooops just spotted the error in the OP. Sorry !!!!
Fixed the cut & paste error in the OP.

Rinndalir 09-02-2016 05:00 PM

What did boum.org say to you?

SethJ 09-02-2016 08:15 PM

I have had no response at all.

Hence this thread, in the hope someone will pass the message on or suggest a better way to contact boum.org.

My concern is that being 'a hack or deliberate', it makes the Tails.ISO suspect, at the least !!!

Just trying to raise people's awareness as the people who need to use it may be (in the eyes of a hacker etc) worth probing for vulnerabilities.

descendant_command 09-02-2016 08:17 PM

You should stop believing your brain-dead "IDS".

SethJ 09-02-2016 09:07 PM

descendant_command,

Thanks for your input.

Do you have any basis to believe my IDS is brain dead ?

Please advise how you are able to be so sure ?

BTW: Simply believing 'it is' is not good enough.

Please don't ask me what the system is, as obviously you do not need to know, or you would have asked 1st before making your statement.
(This reply pre-supposes that all IDS systems are not Brain Dead, in your view.)

descendant_command 09-02-2016 09:50 PM

Code:

PROTO=TCP SPT=443 DPT=49205

How is that a Port Scan?
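
Added example, not part of any post in this thread: a Python check of the fields quoted above. It parses the log line from the first post and separates connection attempts (SYN without ACK, spread over many destination ports) from reply segments of a connection the client opened; the function names, the port thresholds and the constructed scan lines are assumptions of the example.

```python
from collections import defaultdict

# Log line exactly as posted in the thread (DST was masked by the poster).
THREAD_LINE = (
    "Attack: Port Scan Attack: IN=ppp1.1 OUT=n/a MAC= SRC=204.13.164.188 "
    "DST=xxx.xxx.xxx.xxx LEN=93 TOS=0x00 PREC=0x80 TTL=45 DF PROTO=TCP SPT=443 "
    "DPT=49205 WINDOW=980 RES=0x00 ACK PSH URGP=0 MARK=0x8000000"
)
# Constructed sample: one source sending bare SYNs to 20 different ports.
CONSTRUCTED_SCAN = [
    f"IN=ppp1.1 OUT= MAC= SRC=198.51.100.7 DST=192.0.2.10 LEN=44 PROTO=TCP "
    f"SPT=51000 DPT={port} WINDOW=1024 RES=0x00 SYN URGP=0"
    for port in range(20, 40)
]
TCP_FLAGS = {"SYN", "ACK", "PSH", "FIN", "RST", "URG"}

def parse(line):
    """Split a key=value log line into a field dict and the set of bare TCP flags."""
    fields, flags = {}, set()
    for token in line.split():
        if "=" in token:
            key, value = token.split("=", 1)
            fields[key] = value
        elif token in TCP_FLAGS:
            flags.add(token)
    return fields, flags

def classify(line):
    """Return 'probe', 'reply' or 'other' for one logged TCP packet."""
    fields, flags = parse(line)
    if fields.get("PROTO") != "TCP":
        return "other"
    if "SYN" in flags and "ACK" not in flags:
        return "probe"  # a new connection attempt, the building block of a scan
    # Assumed heuristic: ACK without SYN, from a well-known port to a high port,
    # is a server answering a connection the client opened.
    spt, dpt = int(fields.get("SPT", 0)), int(fields.get("DPT", 0))
    if "ACK" in flags and "SYN" not in flags and spt < 1024 <= dpt:
        return "reply"
    return "other"

def scan_sources(lines, min_ports=10):
    """Sources that probed at least min_ports distinct ports (assumed threshold)."""
    probed = defaultdict(set)
    for line in lines:
        if classify(line) == "probe":
            fields, _ = parse(line)
            probed[fields["SRC"]].add(fields["DPT"])
    return {src for src, ports in probed.items() if len(ports) >= min_ports}

if __name__ == "__main__":
    print(classify(THREAD_LINE), scan_sources(CONSTRUCTED_SCAN + [THREAD_LINE]))
```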

ondoho 09-03-2016 02:55 AM

Quote:

Originally Posted by SethJ (Post 5600021)
Please don't ask me what the system is, as obviously you do not need to know, or you would have asked 1st before making your statement.

actually i was going to ask exactly that.
how can we help you with your mysterious IDS's output if you don't tell us what software this is?
and no, it is your job to tell us all we need to know to be able to help you help yourself.
nevermind.


All times are GMT -5.