
LAN port scan forbidder
301 users
Developer: HASH(0x560e616d5c38)
Version: 0.6.2
Updated: March 22, 2024

Available in the
Chrome Web Store
Chrome Web Store
Install & Try Now!

(+) People Doll - Multi/Pink

5 gal. Home Decorators Collection #HDC-NT-15 Rococo Beige Eggshell Enamel Interior Stain-Blocking Paint & Primer

Decor Facebook Set, Customizable Facebook, DIY Facebook, Editable Facebook Set, Template, DIY Business Set, Rustic Sign, Magnolia

It Ends With US by Colleen Hoover

Festo DNC-50-40-PPV 163384 ISO Cylinder New

Hogwarts Legacy - PlayStation 4
Forbid untrusted web to scan localhost or LAN.
## Source Code Repo
https://github.com/garywill/LA N-port-scan-forbidder
## What
Webs can try to fetch `127.0.0.1:xxxx` or `192.168.Y.Z:xxxx` to scan your open ports in LAN.
Although browsers have cross-domain protections, webs can't read response contents, **but** can still see the connection succeeds or fails.
There're already reports that some websites using that as tracking fingerprint.
> A web for testing: http://samy.pl/webscan/
## So
Forbid any website behaviors trying to connect to your LAN or localhost, if user is visiting the website via their domains or public IP addresses. (Read the source code `background.js` to see the logic)
> Using JS library [whitequark/ipaddr.js](https://github.com/whitequark/ipaddr.js) (MIT License) v2.0.0 to judge IP range.
### Notification
User can enable notification. When untrusted web tries to access private network and get blocked, will show up notification.
### Fallback operation
If user find a web broken, user can temporary set this addon disabled via toolbar button for:
- this one tab
- this one tab and new tabs opened by this tab
- this one window (Firefox only)
- globally
(above can be set as keyboard shortcuts)
there's showy toolbar button badge indicating disabling status.
## Cases when web LAN scan is properly used
Not all LAN-port-scan are evil.
- Some manufacturers provide web for user's browser to scan LAN for their product that need updating.
- Some softwares use `127.0.0.1` communication to interact between native program and web.
## Disclaimer
This open souce addon comes with no warranty. Use on you own risk!
## Source Code Repo
https://github.com/garywill/LA N-port-scan-forbidder
## What
Webs can try to fetch `127.0.0.1:xxxx` or `192.168.Y.Z:xxxx` to scan your open ports in LAN.
Although browsers have cross-domain protections, webs can't read response contents, **but** can still see the connection succeeds or fails.
There're already reports that some websites using that as tracking fingerprint.
> A web for testing: http://samy.pl/webscan/
## So
Forbid any website behaviors trying to connect to your LAN or localhost, if user is visiting the website via their domains or public IP addresses. (Read the source code `background.js` to see the logic)
> Using JS library [whitequark/ipaddr.js](https://github.com/whitequark/ipaddr.js) (MIT License) v2.0.0 to judge IP range.
### Notification
User can enable notification. When untrusted web tries to access private network and get blocked, will show up notification.
### Fallback operation
If user find a web broken, user can temporary set this addon disabled via toolbar button for:
- this one tab
- this one tab and new tabs opened by this tab
- this one window (Firefox only)
- globally
(above can be set as keyboard shortcuts)
there's showy toolbar button badge indicating disabling status.
## Cases when web LAN scan is properly used
Not all LAN-port-scan are evil.
- Some manufacturers provide web for user's browser to scan LAN for their product that need updating.
- Some softwares use `127.0.0.1` communication to interact between native program and web.
## Disclaimer
This open souce addon comes with no warranty. Use on you own risk!
Related

Admin tools
1,000+

Port Checker Tool
1,000+

Plugin Vulnerabilities
411

Whats My Ip, WHOIS, Headers, Traceroute, DNS
459

Show All IP
16

Input hidden Monitor
301

Ping Blocker
473

Auto Referer
340

Anti Rebind
25

Server Status
364

Port Knocking
142

d3coder
10,000+

LocoHost
127

Proxy Port Extension
101

Investigate with Lacework
197

IP, DNS & Security Tools | HackerTarget.com
10,000+

Scripter debugger extension
197

PortChecker
1,000+

Breakbot
287

CounterXSS
449

Vulners Web Scanner
9,000+

LiveScriptConsole
219

Website Server IP - Supports IPv6,Copy,Hide
745

Block Unreachable Scripts
340