|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: TCP port 7 traffic from DoubleClick
Timothy K. Ewing (EwingTK
celera.com)
Tue, 13 Jul 1999 16:02:05 -0400
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: John Nanas: "Scanner and Firewall?"
- Previous message: Choi, Byoung: "RE: question on buffer overflow (was RE: Extreme Hacking)"
- Maybe in reply to: Choi, Byoung: "question on buffer overflow (was RE: Extreme Hacking)"
- Next in thread: David Lang: "Re: TCP port 7 traffic from DoubleClick"
- Reply: David Lang: "Re: TCP port 7 traffic from DoubleClick"
We saw this same kind of behaviour back on May 3, 1999. I contacted
Dave Smith at Doubleclick
and inquired as to why this was happening. At that time he indicated
that his company was using a
product called Resonate Global Dispatch, an internet advertising tool,
which identifies the closest DNS
servers to the client. The program gathers some type of metrics by
connecting to DNS servers.
He indicated that they had recieved lots of other complaints in addition
to mine and that they would
probably move to using 'pings' instead. Looks like they may have
switched to connecting to the echo
port for those systems that have it open (a bad port to have open
anyway). I have not called them
lately to verify this progression by I suspect that this is what is
happening.
Timothy K. Ewing
Security Analyst
Celera Genomics Corp.
- Next message: John Nanas: "Scanner and Firewall?"
- Previous message: Choi, Byoung: "RE: question on buffer overflow (was RE: Extreme Hacking)"
- Maybe in reply to: Choi, Byoung: "question on buffer overflow (was RE: Extreme Hacking)"
- Next in thread: David Lang: "Re: TCP port 7 traffic from DoubleClick"
- Reply: David Lang: "Re: TCP port 7 traffic from DoubleClick"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:19:03 CDT