| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040804004313.GH27651@entheta.jingojango.net> From: grutz at jingojango.net (grutz@...gojango.net) Subject: FW: Question for DNS pros On Tue, Aug 03, 2004 at 05:23:16PM -0500, Frank Knobbe brazenly wrote: > hmm... I think it's a bit early to say that. After all, why doesn't it > contact other systems? Why would it have to recheck in the first place? > And why would it use a) a valid DNS query, b) and obscure, non-standard > SYN packet, and c) a DNS query *specifically* including the "pinged" > hosts' IP address in reverse notation? I strongly doubt that the F5 > engineers through *that* would be a good way to see if a host is still > alive. BigIP does some weird things, I wouldn't put it past them in their idea of making things more efficient for users (and, conversely, more of a hassle for admins/infosec). > Even if, what would the BigIP gain from it? Nuttin' (as we say here in > TN :) This was originally brought up when people through windowsupdate was attacking them or hacked. http://slashdot.org/articles/03/08/15/1730200.shtml?tid=109&tid=126&tid=172&tid=187 http://lists.sans.org/pipermail/list/2002-January/034249.html This stuff SOUNDS similar in weird-oddity-nature. -- When little kids ask where rain comes from, I think a cute thing to tell him is "God is crying." And if he asks why God is crying, another cute things to tell him is "Probably because of something you did." - Jack Handy
Powered by blists - more mailing lists