RE: Strange ldap Behavior.

["Soderland, Craig" <craig.soderland () sap com>]

Understood, but why would this system be trying to make a connection there? I has no reason to be connecting and we 
just noticed it which raised a few questions. 



----------------------------------------------------
This mailbox protected from junk email by MailFrontier Desktop
from MailFrontier, Inc. http://info.mailfrontier.com

> -----Original Message-----
> From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-
> admin () lists netsys com] On Behalf Of Simon Hailstone
> Sent: Tuesday, May 18, 2004 10:39 AM
> To: full-disclosure () lists netsys com
> Cc: Soderland, Craig
> Subject: RE: [Full-disclosure] Strange ldap Behavior.
>
>
> > Guys,
> >
> > I did a snoop from our tech sandbox (xxxxxx) to port 389 using
> > the following command: 'snoop -v port 389' (without the quotes).
> > The attached file shows a segment of the results. Notice the line:
> >
> >      ETHER:  Destination = 0:0:5e:0:1:1, U.S. Department of Defense
> > (IANA)
> >
> > Why should a connection be made to US Dept. of Defense? Any Ideas?
>
>
> Hi Craig,
>
> Ethernet OUI's are maintained by the IEEE, rather than IANA :
>
> http://standards.ieee.org/regauth/oui/oui.txt
>
> 0:0:5E is registered to :
>
> 00-00-5E   (hex)              USC INFORMATION SCIENCES INST
> 00005E     (base 16)          USC INFORMATION SCIENCES INST
>                               INTERNET ASS'NED NOS.AUTHORITY
>                               4676 ADMIRALTY WAY
>                               MARINA DEL REY CA 90292-6695
>
> Best Regards,
> Simon Hailstone
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html