[34289] in North American Network Operators' Group
Re: Reasons why BIND isn't being upgraded
daemon@ATHENA.MIT.EDU (Joshua Goodall)
Fri Feb 2 08:42:48 2001
Date: Fri, 2 Feb 2001 14:40:28 +0100 (CET)
From: Joshua Goodall <joshua@roughtrade.net>
To: Rich Sena <ras@poppa.thick.net>
Cc: "'nanog'" <nanog@merit.edu>
In-Reply-To: <Pine.LNX.4.21.0102020823550.9410-100000@poppa.thick.net>
Message-ID: <Pine.BSF.4.32.0102021439090.2021-100000@juice.shallow.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Fri, 2 Feb 2001, Rich Sena wrote:
> On Feb 1, 2001 Wayne Bouchard reported:
>
> > 53, 111, and 137 are the most common scans I trap at my
> > firewall. Interesting bit with the scans to port 53 lately is that
> > they're hitting the port 2 and 3 times, not just the usual once to
> > identify and then move on.
>
> I betcha a guiness and a smile at N21 that those are Global Load Balancers
> probing for distance metrics to your DNS servers on 53 and not malicious
> scans...
I can see it now. Someone at Akamai cackling as they instruct all boxes to
nmap every NS entry in the .com zone... :)
J
