[34288] in North American Network Operators' Group
Re: Reasons why BIND isn't being upgraded
daemon@ATHENA.MIT.EDU (Rich Sena)
Fri Feb 2 08:28:02 2001
Date: Fri, 2 Feb 2001 08:25:11 -0500 (EST)
From: Rich Sena <ras@poppa.thick.net>
To: Wayne Bouchard <web@typo.org>
Cc: Jason Lewis <jlewis@jasonlewis.net>, "'nanog'" <nanog@merit.edu>
In-Reply-To: <20010201001356.A63257@typo.org>
Message-ID: <Pine.LNX.4.21.0102020823550.9410-100000@poppa.thick.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Feb 1, 2001 Wayne Bouchard reported:
> 53, 111, and 137 are the most common scans I trap at my
> firewall. Interesting bit with the scans to port 53 lately is that
> they're hitting the port 2 and 3 times, not just the usual once to
> identify and then move on.
I betcha a guiness and a smile at N21 that those are Global Load Balancers
probing for distance metrics to your DNS servers on 53 and not malicious
scans...
--
Rich Sena - ras@thick.net
ThickNET Consulting
"On the way to understanding; you understand, and forget."
