From owner-freebsd-security@FreeBSD.ORG Sun Apr 17 04:59:11 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A8A8D1065674 for ; Sun, 17 Apr 2011 04:59:11 +0000 (UTC) (envelope-from jonkman@emergingthreatspro.com) Received: from ev1.jonkmans.com (ev1.jonkmans.com [216.127.66.30]) by mx1.freebsd.org (Postfix) with ESMTP id 6E2288FC0A for ; Sun, 17 Apr 2011 04:59:11 +0000 (UTC) Received: (qmail 86358 invoked from network); 17 Apr 2011 00:33:02 -0400 Received: from 70-91-243-19-busname-illinois.hfc.comcastbusiness.net (HELO baton.emergingthreatspro.com) (70.91.243.19) by bleedingthreats.com with SMTP; 17 Apr 2011 00:33:02 -0400 Received: from [10.55.57.9] (unknown [10.55.57.9]) by baton.emergingthreatspro.com (Postfix) with ESMTP id E26891CC31; Sun, 17 Apr 2011 00:31:56 -0400 (EDT) Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=us-ascii From: Matthew Jonkman In-Reply-To: <4DA96506.8040007@frasunek.com> Date: Sun, 17 Apr 2011 00:31:54 -0400 Content-Transfer-Encoding: quoted-printable Message-Id: <0AEE5018-64E8-49D0-A589-10D6ADDBDCDE@emergingthreatspro.com> References: <4DA95938.7050608@secnap.com> <4DA96137.5050100@frasunek.com> <4DA961F1.1040100@secnap.com> <4DA96506.8040007@frasunek.com> To: Przemyslaw Frasunek X-Mailer: Apple Mail (2.1084) X-Mailman-Approved-At: Sun, 17 Apr 2011 05:06:54 +0000 Cc: Michael Scheidell , Emerging Threats Signatures , freebsd-security@freebsd.org Subject: Re: [Emerging-Sigs] 193.138.118.3 ? lagoon.freebsd.lublin.pl /cache, freebsd, lublin, pl on TOR end point list? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Apr 2011 04:59:11 -0000 The update going out now shows it dropped out of the exit node list. = Thanks all! Matt On Apr 16, 2011, at 5:44 AM, Przemyslaw Frasunek wrote: >> I will try to track down what server is lookup up = cache.freebsd.lublin.pl and >> see why its doing that. >=20 > cache.freebsd.lublin.pl [193.138.118.6], now named ns2.nette.pl, is a = secondary > DNS for some high-traffic Polish domains, so probably that's the = reason, why > you're seeing such lookups. >=20 > _______________________________________________ > Emerging-sigs mailing list > Emerging-sigs@emergingthreats.net > http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs >=20 > Support Emerging Threats! Subscribe to Emerging Threats Pro = http://www.emergingthreatspro.com > The ONLY place to get complete premium rulesets for Snort 2.4.0 = through Current! ---------------------------------------------------- Matthew Jonkman Emergingthreats.net Emerging Threats Pro Open Information Security Foundation (OISF) Phone 765-807-8630 x110 Fax 312-264-0205 http://www.emergingthreatspro.com http://www.openinfosecfoundation.org ---------------------------------------------------- PGP: http://www.jonkmans.com/mattjonkman.asc