Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
RE: [Full-Disclosure] Strange ldap Behavior.
From: Soderland, Craig (craig.soderlandsap.com)
Date: Tue May 18 2004 - 11:54:36 CDT
Understood, but why would this system be trying to make a connection there? I has no reason to be connecting and we just noticed it which raised a few questions.
This mailbox protected from junk email by MailFrontier Desktop
from MailFrontier, Inc. http://info.mailfrontier.com
> -----Original Message-----
> From: full-disclosure-adminlists.netsys.com [mailto:full-disclosure-
> adminlists.netsys.com] On Behalf Of Simon Hailstone
> Sent: Tuesday, May 18, 2004 10:39 AM
> To: full-disclosurelists.netsys.com
> Cc: Soderland, Craig
> Subject: RE: [Full-Disclosure] Strange ldap Behavior.
> > I did a snoop from our tech sandbox (xxxxxx) to port 389 using
> > the following command: 'snoop -v port 389' (without the quotes).
> > The attached file shows a segment of the results. Notice the line:
> > ETHER: Destination = 0:0:5e:0:1:1, U.S. Department of Defense
> > (IANA)
> > Why should a connection be made to US Dept. of Defense? Any Ideas?
> Hi Craig,
> Ethernet OUI's are maintained by the IEEE, rather than IANA :
> 0:0:5E is registered to :
> 00-00-5E (hex) USC INFORMATION SCIENCES INST
> 00005E (base 16) USC INFORMATION SCIENCES INST
> INTERNET ASS'NED NOS.AUTHORITY
> 4676 ADMIRALTY WAY
> MARINA DEL REY CA 90292-6695
> Best Regards,
> Simon Hailstone
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure - We believe in it.