|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Snort-users] openaanval calling home
From: BM HM (bm0714
hotmail.com)
Date: Mon Apr 19 2004 - 18:49:39 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I was just watching some tcpdump traffic and noticed my snort box making an
outbound connection to 217.160.255.191
Looking up the IP I found that it is the website for openaanval
'www.aanval.com'. It appears that exactly every 30 minutes, I mean EXACTLY
it makes a short http connection to the aanval website.
I looked through the php code and I think it is simply checking for version
information, but I am not experienced enough to know for real. Is this
something I should be concerned about?
Could they be piggy-backing data maybe? What would they want to collect
anyway?
_________________________________________________________________
From must-see cities to the best beaches, plan a getaway with the Spring
Travel Guide! http://special.msn.com/local/springtravel.armx
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]