Date: Sat, 07 Nov 1998 20:25:15 +1100 From: "Hallam Oaks" <mlnn4@oaks.com.au> To: "FreeBSD Security" <freebsd-security@FreeBSD.ORG> Subject: hmmmm ... Doubleclick Message-ID: <199811070924.UAA01040@mail.aussie.org>
next in thread | raw e-mail | index | archive | help
Now I wonder why Doubleclick would do this ... Just a few minutes ago I visited a site which had a doubleclick ad on it, and my IPFW monitoring tool almost immediately started chirping at me. A quick look showed that two seperate IP addresses had attempted to make TCP connections to port 53 (DNS) of the machine that hosts my proxy. That IP address does NOT host any DNS server. The two IP addresses in question were 209.67.38.88 and 199.95.207.220, both of which resolve to Doubleclick (nygda1 and exgd1a.doubleclick.net). Now, I'm not suggesting that doubleclick are doing anything they shouldn't here, but I'm still curious as to why they would attempt to make a TCP connection to a non-existant DNS server, based purely on the IP address of someone who's viewed one of their ads (it was at the Dilbert zone BTW). Anyone seen this before ? -- Chris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811070924.UAA01040>