Understood, but why would this system be trying to make a connection there? I has no reason to be connecting and we just noticed it which raised a few questions.
---------------------------------------------------- This mailbox protected from junk email by MailFrontier Desktop from MailFrontier, Inc. http://info.mailfrontier.com > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:full-disclosure- > [EMAIL PROTECTED] On Behalf Of Simon Hailstone > Sent: Tuesday, May 18, 2004 10:39 AM > To: [EMAIL PROTECTED] > Cc: Soderland, Craig > Subject: RE: [Full-Disclosure] Strange ldap Behavior. > > > >Guys, > > > > I did a snoop from our tech sandbox (xxxxxx) to port 389 using > > the following command: 'snoop -v port 389' (without the quotes). > > The attached file shows a segment of the results. Notice the line: > > > > ETHER: Destination = 0:0:5e:0:1:1, U.S. Department of Defense > > (IANA) > > > > Why should a connection be made to US Dept. of Defense? Any Ideas? > > > Hi Craig, > > Ethernet OUI's are maintained by the IEEE, rather than IANA : > > http://standards.ieee.org/regauth/oui/oui.txt > > 0:0:5E is registered to : > > 00-00-5E (hex) USC INFORMATION SCIENCES INST > 00005E (base 16) USC INFORMATION SCIENCES INST > INTERNET ASS'NED NOS.AUTHORITY > 4676 ADMIRALTY WAY > MARINA DEL REY CA 90292-6695 > > Best Regards, > Simon Hailstone > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
