Re: Speedera Ping, was "Packets from 255.255.255.255(80), etc."

From: Joe Stewart (jstewartat_private)
Date: Tue Feb 04 2003 - 10:59:57 PST

    On Monday 03 February 2003 11:53 am, Neil Dickey wrote:
    > It is my understanding that "Speedera" is a web service provider, and that
    > these pings can be used by large distributed websites to determine the most
    > efficient path from a webserver to a client, but that doesn't appear to be
    > the purpose here.  The target box is being used as a third-level DNS
    > server, and also hosts the namespace our PCs use. 
    
    Speedera usually sends its probes to your nameservers instead of the end
    client. The reason for this is due to the way their load balancing works. In a
    typical session, your client would ask your local nameserver to resolve the
    address of a Speedera-hosted client site. Your nameserver then queries
    the root nameservers who point your nameserver at the authoritative Speedera 
    nameservers. Your nameserver then queries Speedera's nameserver, which pings 
    the IP address making the query (your nameserver) using their distributed 
    back-end network. It then returns a DNS reply containing the IP address of
    the fastest cache for your location.
    
    -Joe
    
    -- 
    Joe Stewart, GCIH 
    Senior Intrusion Analyst
    LURHQ Corporation
    jstewartat_private
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
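
The flow described in the message above, as an added example that is not part of the original post: because the probes come from the back-end network rather than from the authoritative server that was queried, inbound echo requests are matched to the resolver's own outbound queries by time and destination, not by source address. The log tuple layout, the 5-second window, and every address and name below are constructed assumptions.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"
RESOLVER = "192.0.2.53"  # constructed: the site's recursive nameserver

# Constructed sample logs (documentation address ranges, made-up names).
# Outbound DNS: (timestamp, source, authoritative server queried, qname)
DNS_QUERIES = [
    ("2003-02-03 11:50:01", RESOLVER, "198.51.100.10", "images.customer.example"),
    ("2003-02-03 11:58:30", RESOLVER, "198.51.100.10", "www.customer.example"),
]
# Inbound ICMP echo requests: (timestamp, source, destination)
ICMP_ECHO = [
    ("2003-02-03 11:50:02", "203.0.113.7", RESOLVER),       # follows a query
    ("2003-02-03 11:50:03", "203.0.113.99", RESOLVER),      # second probe node
    ("2003-02-03 11:54:40", "203.0.113.7", RESOLVER),       # no recent query
    ("2003-02-03 11:58:31", "203.0.113.20", "192.0.2.80"),  # aimed at a client
]

def correlate(queries, pings, resolver, window=timedelta(seconds=5)):
    """Split echo requests into (explained, unexplained).

    A ping is explained by the load-balancing flow only if it targets the
    resolver and arrives within `window` after a query the resolver sent.
    Each result is (timestamp, source, destination, matching qnames).
    """
    sent = [(datetime.strptime(ts, FMT), qname)
            for ts, src, _auth, qname in queries if src == resolver]
    explained, unexplained = [], []
    for ts, src, dst in pings:
        when = datetime.strptime(ts, FMT)
        names = []
        if dst == resolver:
            names = sorted({q for t, q in sent
                            if timedelta(0) <= when - t <= window})
        (explained if names else unexplained).append((ts, src, dst, names))
    return explained, unexplained

if __name__ == "__main__":
    ok, review = correlate(DNS_QUERIES, ICMP_ECHO, RESOLVER)
    for ts, src, dst, names in ok:
        print(f"{ts} {src} -> {dst}: follows query for {', '.join(names)}")
    for ts, src, dst, _ in review:
        print(f"{ts} {src} -> {dst}: no matching resolver query, review")
```

Echo requests left in the second list (no preceding query, or aimed at a host other than the nameserver) are the ones this mechanism does not account for.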
    



    This archive was generated by hypermail 2b30 : Tue Feb 04 2003 - 13:22:30 PST