On Fri, 5 Oct 2001, Seth Milder wrote: > I am getting a ton of DNS scans from what seem to be all BSDI machines > and all from China (so far). They are also *all* running > <SNIP> > Remote operating system guess: F5labs Big/IP HA TCP/IP Load Balancer There's you answer right there. They're F5 BigIP boxes. when you visit a site that uses them, they do some DNS queries to determine which of their servers you're closest to. Ryan ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Oct 05 2001 - 09:47:58 PDT