Date: Sat, 16 Apr 2011 04:54:16 -0400 From: Michael Scheidell <michael.scheidell@secnap.com> To: <freebsd-security@freebsd.org>, Emerging Threats Signatures <emerging-sigs@emergingthreats.net> Subject: 193.138.118.3 ? lagoon.freebsd.lublin.pl /cache, freebsd, lublin, pl on TOR end point list? Message-ID: <4DA95938.7050608@secnap.com>
next in thread | raw e-mail | index | archive | help
We keep getting security alerts that lagoon.freebsd.lublin.pl (the authoritative dns server for freebsd.lublin,pl) is on the 'TOR' end point node list. We get this alert when our DNS server looks up the ip for cache.freebsd.lublin.pl <http://doc.emergingthreats.net/bin/view/Main/TorRules> This concerns me if freebsd is using a mirror that has possible ties to hacker or other nefarious network related activity. Can anyone tell me if: A) this might be a FP? that lagoon.freebsd.lublin.pl is NOT associated with this type of activity? B) if so, should the small chance that they are involved in this prohibit them from being on any RR link for ports source code lookups? C) am I too paranoid? its 5am localtime, go back to bed? -- Michael Scheidell, CTO o: 561-999-5000 d: 561-948-2259 ISN: 1259*1300 >*| *SECNAP Network Security Corporation * Best Intrusion Prevention Product, Networks Product Guide * Certified SNORT Integrator * Hot Company Award, World Executive Alliance * Best in Email Security, 2010 Network Products Guide * King of Spam Filters, SC Magazine ______________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ ______________________________________________________________________
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4DA95938.7050608>