It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
ns1.denyignorance.com is portscanning me (or so BlackICE says)
page: 10
share:
Anyone have noticed this also?
As soon as I surf to ATS my BlackICE says that ns1.denyignorance.com is probing the following ports (extract from BlackICE)
Time, Event, Intruder, Count, Destination Port, Parameter(s)
2004-08-13 16:12:10, TCP_Port_Scan, ns1.denyignorance.com, 3, 0, port=3898|3900|3929|3931|3937-3938|3942|3944|3980|3993|4003-4004|4007|4016|4018|4027|4040|4042|4052|4057|4059|4071|4074-4075
Anybody know why this happens?
// k
As soon as I surf to ATS my BlackICE says that ns1.denyignorance.com is probing the following ports (extract from BlackICE)
Time, Event, Intruder, Count, Destination Port, Parameter(s)
2004-08-13 16:12:10, TCP_Port_Scan, ns1.denyignorance.com, 3, 0, port=3898|3900|3929|3931|3937-3938|3942|3944|3980|3993|4003-4004|4007|4016|4018|4027|4040|4042|4052|4057|4059|4071|4074-4075
Anybody know why this happens?
// k
I doubt it's a port scan.
Our Apache server is configured to allow a high number of "MaxClients" and multiple "child servers", which means you could receive several dozen
connections from us (on port 80) for each page request. Depending on the sensitivity of your BlackIce settings, it could categorize this type of
multiple-connect activity as a "port scan" when you first hit a page on our server.
Does it happen every page-load, or just when you first hit ATS?
Seems like it happen just when I first hit ATS.
Are your web and ns on the same server?
(Since BI says it is the ns1 that causes this.)
I am not surprised though as BI sometimes sees "attacks" when there are none.
// k
Are your web and ns on the same server?
(Since BI says it is the ns1 that causes this.)
I am not surprised though as BI sometimes sees "attacks" when there are none.
// k
Yes, NS1.denyignorance and www.abovetopsecret are both the same IP on the same box. If BlackIce does a reverse lookup on our IP, it is possible it
would catch the primary name server first.
new topics
-
Austin sends Fighter Squadrons, Tanker Aircraft to the Middle East
World War Three: 6 hours ago -
Diddy's ex Jennifer Lopez urges Americans to trust her about Kamala Harris
Jokes, Puns, & Pranks: 6 hours ago -
Concerning data with regards to Turbo Cancer
Diseases and Pandemics: 7 hours ago -
Trump thinks Liz Cheaney should be shot in the face?
US Political Madness: 8 hours ago
top topics
-
Final jobs report before Nov 5th is a bad one lowest since Dec 2020
US Political Madness: 15 hours ago, 17 flags -
CNN now has a pay wall
Other Current Events: 12 hours ago, 14 flags -
Pentagon announces new military aid package for Ukraine
World War Three: 12 hours ago, 14 flags -
Trump thinks Liz Cheaney should be shot in the face?
US Political Madness: 8 hours ago, 14 flags -
Concerning data with regards to Turbo Cancer
Diseases and Pandemics: 7 hours ago, 9 flags -
Tucker Carlson Shares Amazing Story: "I Was Mauled By a Demon"
Paranormal Studies: 13 hours ago, 8 flags -
Diddy's ex Jennifer Lopez urges Americans to trust her about Kamala Harris
Jokes, Puns, & Pranks: 6 hours ago, 7 flags -
Austin sends Fighter Squadrons, Tanker Aircraft to the Middle East
World War Three: 6 hours ago, 6 flags -
Maetaquest 3S
Video Games: 15 hours ago, 3 flags
0