| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.GSO.4.43.0309070503160.14431-100000@tundra.winternet.com> From: dufresne at winternet.com (Ron DuFresne) Subject: [tool] the new p0f 2.0.1 is now out On Fri, 5 Sep 2003, Peter van den Heuvel wrote: > Hi, > > UDP port 53 gets queried on several of the firewalls that I maintain > (and that do not provide any domain name services) from netblocks that > are owned by microsoft and realmedia (mostly). None of the machines > behind these firewalls are allowed any external DNS directly. The > queries are rather massive (thousands per week). > > Searches on google did not turn up anything and I don't remember seeing > anything on the lists either (though I migh have prematurely deleted > something relevant because of the noise ;^) > > It does not realy hurt us, but I'm still quite curious what this > actually is. Anybody got a pointer? Marcus Ranum did a writeup on this tool an issue or two back in the information security mag; http://infosecuritymag.techtarget.com/2003/jun/cooltools.shtml Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Powered by blists - more mailing lists