Malicious URL ? https://[::]/
Roger Marquis
marquis at roble.com
Mon Jan 22 17:47:17 UTC 2018
Not necessarily BSD-related though this was discovered via a proxy
server jail's process table.
Source of the requests was a recently installed Firefox add-on. Not
sure how to escape the pattern for search engines but nothing is found
>From queries wrapped in double quotes. The absense of previous log
entries or search results raises a number of questions. Is this
IPv6-related? Neither the client nor the proxy have IPv6 enabled. Is
it potentially malicious? If so by what mechanism?
The Intel IME backdoor vector is a primary suspect for obvious reasons
but am curious if anyone else has seen this?
Roger Marquis
More information about the freebsd-security
mailing list