lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.44.0309041644440.23530-100000@adsl-64-167-139-59.dsl.snfc21.pacbell.net>
From: blueboar at thievco.com (Blue Boar)
Subject: Strange port 53 requests

On Fri, 5 Sep 2003, Peter van den Heuvel wrote:

> UDP port 53 gets queried on several of the firewalls that I maintain
> (and that do not provide any domain name services) from netblocks that
> are owned by microsoft and realmedia (mostly). None of the machines
> behind these firewalls are allowed any external DNS directly. The
> queries are rather massive (thousands per week).
> 
> Searches on google did not turn up anything and I don't remember seeing
> anything on the lists either (though I migh have prematurely deleted
> something relevant because of the noise ;^)

Search for BigIP, check the Incidents mailing list archives.  These are 
(probably) global load-balancer devices, designed to help the site pick 
which server(s) to handle your queries.  

						BB


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ