Full Disclosure mailing list archives
Re: [tool] the new p0f 2.0.1 is now out
From: Ron DuFresne <dufresne () winternet com>
Date: Sun, 7 Sep 2003 05:07:13 -0500 (CDT)
On Fri, 5 Sep 2003, Peter van den Heuvel wrote:
Hi, UDP port 53 gets queried on several of the firewalls that I maintain (and that do not provide any domain name services) from netblocks that are owned by microsoft and realmedia (mostly). None of the machines behind these firewalls are allowed any external DNS directly. The queries are rather massive (thousands per week). Searches on google did not turn up anything and I don't remember seeing anything on the lists either (though I migh have prematurely deleted something relevant because of the noise ;^) It does not realy hurt us, but I'm still quite curious what this actually is. Anybody got a pointer?
Marcus Ranum did a writeup on this tool an issue or two back in the information security mag; http://infosecuritymag.techtarget.com/2003/jun/cooltools.shtml Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Re: [tool] the new p0f 2.0.1 is now out, (continued)
- RE: Re: [tool] the new p0f 2.0.1 is now out Michal Zalewski (Sep 04)
- Re: Re: [tool] the new p0f 2.0.1 is now out simon (www.snosoft.com) (Sep 04)
- Re: Re: [tool] the new p0f 2.0.1 is now out SPAM (Sep 04)
- Re: Re: [tool] the new p0f 2.0.1 is now out Thor Larholm (Sep 04)
- Re: Re: [tool] the new p0f 2.0.1 is now out Robert Jaroszuk (Sep 04)
- Re: Re: [tool] the new p0f 2.0.1 is now out morning_wood (Sep 04)
- Re: Re: [tool] the new p0f 2.0.1 is now out Michal Zalewski (Sep 05)
- RE: Re: [tool] the new p0f 2.0.1 is now out Parker, Jeff (MSE) (Sep 04)
- RE: Re: [tool] the new p0f 2.0.1 is now out Michal Zalewski (Sep 04)
- Re: [tool] the new p0f 2.0.1 is now out Peter van den Heuvel (Sep 04)
- Re: [tool] the new p0f 2.0.1 is now out Ron DuFresne (Sep 07)