LAN port scan forbidder

301 users

Forbid untrusted websites from scanning localhost or the LAN.

## Source Code Repo
https://github.com/garywill/LAN-port-scan-forbidder

## What

Websites can try to fetch `127.0.0.1:xxxx` or `192.168.Y.Z:xxxx` to scan for open ports on your machine and LAN.

Browsers have cross-origin protections, so websites can't read the response contents, **but** they can still see whether the connection succeeds or fails.

There are already reports of some websites using this as a tracking fingerprint.

> A website for testing: http://samy.pl/webscan/

## So

Forbid any attempt by a website to connect to your LAN or localhost when the user is visiting that website via a domain name or a public IP address. (Read `background.js` in the source code to see the logic.)

> Uses the JS library [whitequark/ipaddr.js](https://github.com/whitequark/ipaddr.js) (MIT License) v2.0.0 to classify IP address ranges.
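
A minimal sketch of the decision described above, added here as an illustration; it is not the addon's `background.js` and does not use ipaddr.js. The function names and the range list are assumptions, and only IPv4 literals, `localhost` and `[::1]` are classified as private.

```javascript
// Added illustration, not the addon's background.js; range list is an assumption.
const PRIVATE_V4 = [                       // [network, prefix length]
  ["0.0.0.0", 8],       // "this host"
  ["10.0.0.0", 8],      // RFC 1918
  ["127.0.0.0", 8],     // loopback
  ["169.254.0.0", 16],  // link-local
  ["172.16.0.0", 12],   // RFC 1918
  ["192.168.0.0", 16],  // RFC 1918
];

// Dotted-quad string -> unsigned 32-bit integer, or null if not an IPv4 literal.
function parseV4(host) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return null;
  const o = m.slice(1).map(Number);
  if (o.some((n) => n > 255)) return null;
  return ((o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]) >>> 0;
}

function isPrivateHost(host) {
  if (host === "localhost" || host.endsWith(".localhost") || host === "[::1]") return true;
  const ip = parseV4(host);
  if (ip === null) return false;           // a domain name: treated as public here
  return PRIVATE_V4.some(([net, bits]) => {
    const mask = (~0 << (32 - bits)) >>> 0;
    return ((ip & mask) >>> 0) === ((parseV4(net) & mask) >>> 0);
  });
}

// Block only when a page loaded from a public host requests a private one.
// new URL() canonicalises IPv4 hosts, so "http://2130706433/" and
// "http://0x7f.1/" both yield hostname "127.0.0.1" before classification.
function shouldBlock(pageUrl, requestUrl) {
  const page = new URL(pageUrl).hostname;
  const target = new URL(requestUrl).hostname;
  return !isPrivateHost(page) && isPrivateHost(target);
}
```

A domain name that resolves to a private address is not caught by this hostname-only check, because the sketch never performs DNS resolution.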


### Notification

Users can enable notifications. When an untrusted website tries to access the private network and is blocked, a notification is shown.

### Fallback operation

If a user finds a website broken, they can temporarily disable this addon via the toolbar button for:

- this one tab
- this one tab and new tabs opened by this tab
- this one window (Firefox only)
- globally

(The above can be bound to keyboard shortcuts.)

A conspicuous toolbar button badge indicates the disabled status.

## Cases when web LAN scan is properly used

Not all LAN port scans are evil.

- Some manufacturers provide a web page that scans the LAN from the user's browser for their products that need updating.

- Some software uses `127.0.0.1` communication between a native program and a web page.

## Disclaimer

This open source addon comes with no warranty. Use at your own risk!