193.138.118.3 ? lagoon.freebsd.lublin.pl /cache, freebsd, lublin,
pl on TOR end point list?
Michael Scheidell
michael.scheidell at secnap.com
Sat Apr 16 09:15:46 UTC 2011
We keep getting security alerts that lagoon.freebsd.lublin.pl (the
authoritative dns server for freebsd.lublin,pl) is on the 'TOR' end
point node list.
We get this alert when our DNS server looks up the ip for
cache.freebsd.lublin.pl
<http://doc.emergingthreats.net/bin/view/Main/TorRules>
This concerns me if freebsd is using a mirror that has possible ties to
hacker or other nefarious network related activity.
Can anyone tell me if:
A) this might be a FP? that lagoon.freebsd.lublin.pl is NOT associated
with this type of activity?
B) if so, should the small chance that they are involved in this
prohibit them from being on any RR link for ports source code lookups?
C) am I too paranoid? its 5am localtime, go back to bed?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
>*| *SECNAP Network Security Corporation
* Best Intrusion Prevention Product, Networks Product Guide
* Certified SNORT Integrator
* Hot Company Award, World Executive Alliance
* Best in Email Security, 2010 Network Products Guide
* King of Spam Filters, SC Magazine
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
More information about the freebsd-security
mailing list