Re: Why is my ISP scanning me?
From: Adorai (bob@mindway.com)Date: 04/16/02
- Next message: Adorai: "Re: iptable NAT help"
- Previous message: Duynstee: "Re: ZoneAlarm shut down problem"
- In reply to: Igor: "Re: Why is my ISP scanning me?"
- Next in thread: Eirik Seim: "Re: Why is my ISP scanning me?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: bob@mindway.com (Adorai) Date: 16 Apr 2002 03:34:59 -0700
Igor <Igor9277@sprynet.com> wrote in message news:<jb2cbu4sevrf7rfekq80m2b37i086qpk39@4ax.com>...
> >So the ip address is obviously the one from the dns server of the ISP.
> >
> >What you believe to be a hacker portscanning is indeed the ISP's DNS
> >server sending DNS reply packets which that stupid zone alarm drops due
> >to misconfigurationSo . There is a problem, and that is the person
> >sitting in front of the monitor beeing too stupid to configure this
> >so-called firewall to allow answers from his ISP's DNS server. And the
> >other problem is of your you, our well known nutcase writing the usual
> >nonsense.
> >
> Yes. But this does not answer why this just started, coincident with my obtaining a static IP address.
> No changes were made to ZA config -- i.e., before and after static IP assigned.
My guess would be that ns1.mindspring.com is allowed, when it doesn't
respond quick enough and your machine tries to get the DNS from the
backup, which is the one listed in your log, ZA denies those because
it has no idea it SHOULD be accepting those packets. Why it just
started? Who knows, could be that ns1.mindspring.com has just been
really busy lately and isn't able to respond as super fast as it
should be.
Adorai
- Next message: Adorai: "Re: iptable NAT help"
- Previous message: Duynstee: "Re: ZoneAlarm shut down problem"
- In reply to: Igor: "Re: Why is my ISP scanning me?"
- Next in thread: Eirik Seim: "Re: Why is my ISP scanning me?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
