Attached Link: http://market.renderosity.com/mod/forumpro/showthread.php?thread_id=2655074

Can someone address this please and let us know for what reason Renderosity is scanning our ports? And if it's not scanning, what does that message mean?

No, we don't. Simply put. Every once in a while we have an IP address start spinning up thousands of sessions on our site, and we will send massive port scans his way to slow him down while we work on blocking his IP address because he's bringing the site down. But we do not run port scans on average Joe's computers. Only intruders' computers. N

Thanks for the quick answer :)

It would be interesting to know what caused those Norton blocks on my father's PC. He barely knows what "right click" is, so I doubt he's trying to perform a denial of service attack against Rendo (plus he's not even here, which is partly why I am ;-)).

Just installed a wireless network in parent's house so am now on own box. Not running Norton so don't expect to see alerts...

I wouldn’t believe a word of it, maybe they don’t scan ports and it is quite innocent, but if they do they are hardly going to admit it are they!

I have to wonder, if a typical client were using a defective or obsolete browser, might this cause the server to detect thousands of http requests? e.g. if there is a long interval between a client clicking on a link to your server and the actual commencement of the session, might that delay be due to a series of http requests from the obsolete browser? I reckon that, like any popular server, y'all get several DOS attacks per day (perhaps dozens of attacks), but it would be easy to spot real attacks vs. bad browsers incompatible with your servers.

I had my system scanned last night , and it was after clicking on one picture to view it full size, so I don't believe that they are only doing it on systems who's "IP address start spinning up thousands of sessions on our site".  Plus I don't use an obsolete browser, as I have the latest version of FireFox. 

I would like ot know the "real" reason that they were trying to scan my system??

I assure you, we are NOT scanning your system. If you have a reason for not believing that, all we can say is what we have said and it is your choice whether to believe us or not. N

no.

renderosity is not port scanning.

one of your Advertisers is, and since they are routed through the www.renderosity domain, it looks like Rendo is scanning.

time to have a quite word with the offsite advertisers about it...

my guess it's the high school yearbook thing, or one of the other ads that they also put on yahoo. p.s. tried posting this the first time, and it said "ERROR: No global variables detected. Exiting." :crying:

**No, we don't. Simply put.

Every once in a while we have an IP address start spinning up thousands of sessions on our site, and we will send massive port scans his way to slow him down while we work on blocking his IP address because he's bringing the site down. But we do not run port scans on average Joe's computers. Only intruders' computers.

N**

And yet, in the same breath, two things are said which contradict each other.

first part probably shouldn't have been included.

Let me clarify myself. The website, itself, Renderosity, does not ever port scan its users. On a rare occasion, we will receive an overflow of traffic from one particular IP address, the originator of which is most likely trying to bring the site to a halt. We are not talking about having too many windows open or having an outdated browser or anything like that. We're talking about someone using very specialized load-simulating equipment to generate a drastic number of simulated visitor sessions. To combat these people, we generally simply block their IP addresses from even getting onto the server. However, in order to do this, we have to stop their requests from getting to the servers so that we can let the load slow down long enough for the servers to resond to our commands to block him or her. In order to stop these requests, we will sometimes participate in reactive (not proactive) aggression in the form of doing the same thing to him: spinning up thousands of sessions on his machine and port scanning him. This slows down his connection time long enough for us to get our job done. For the average-joe or average-jane user reading this thread, no, we absolutely do not port scan. So, no, I wasn't contradicting myself. I was describing two unrelated scanarios . N P.S. - If anyone WERE acting maliciously toward Rendo and we were port scanning that person to slow him/her down, he/she wouldn't be able to get on here to post about it because when we were through port scanning them their IP would be blocked. We have looked into our advertisers and found one that may possibly be issuing port scans unbeknownst to us. We are investigating this and will deal with it appropriately.

Quote - I was describing two unrelated scanarios

Nice pun.  :biggrin: