OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
NFR Wizards Archive: Re: TCP port 7 traffic from DoubleClick

Re: TCP port 7 traffic from DoubleClick

C. Harald Koch (chkpobox.com)
Mon, 05 Jul 1999 21:55:53 -0400

In message <3781256D.1D291D53sover.net>, Chris Brenton writes:
>
> The "claim" is that this is being done in order to serve you up data
> from the closest Web server to your location, but I've seen a number of
> concerns that this may be yet another attempt by DoubleClick to gain as
> much information on Web surfers as possible.

IMHO, the claim is misguided (at best). They claim two things:

1) They're doing load balancing on their servers. There are better ways...
2) They're serving ad images from the closest server. There's no reason to
   attempt to do this, however:
   - The RTT on the echo connection swamps the image download time, and
   - The RTT on the TCP handshake swamps the mage download time
   - Some/Many/Most people have TCP echo turned off, so no useful data can be
     collected.

In other words, I don't think they can accomplish what they claim to be
attempting. OTOH, never ascribe to malice what can adequately be explained by
stupidity...

> Speaking of which, has anyone noticed what Altavista has been up to
> these days?

Speaking of which, I saw these in my outbound logs a few days back:

my.host.com -> stats.hitbox.com:12343

I haven't tracked down the specific source yet, but it's probably either a URL
or a JavaScript that is logging hit-counts for a page. The question is, as
always, what else is it logging? :-) 

-- 
C. Harald Koch     <chkpobox.com>

"It takes a child to raze a village."
		-Michael T. Fry

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:19:02 CDT