On a similar vein... http://blog.kotowicz.net/2012/08/how-facebook-lacked-x-frame-options-and.html
On Fri, Aug 17, 2012 at 11:24 AM, Don Pandori <[email protected]>wrote: > They must have some sort of lookup going on. I've accessed via Tor and > got presented with some additional authentication pages. > > Don > > > > On 8/11/2012 1:21 PM, Guillaume Ross wrote: > > I'm not a Facebook user so I can't easily test, but is it possible that > Facebook has anti-spam and anti-botnet processes that will scan your IP in > order to know if it is an open proxy? > Maybe that happens when you have an office with NAT and multiple users > coming from the same IP. > > Guillaume > > On 2012-08-09, at 1:15 PM, Wynn Fenwick <[email protected]> wrote: > > Shaun, > > What IPS is it? > "Coming from facebook" -- how is it determining that? > What ports are being hit? > > Sometimes geolocation software will try multiple datagrams to your > originating IP to assess the fastest data centre from which to deliver > content to the requestor, but it is usually not spread across multiple TCP > ports to my knowledge. The stimulus is likely a browser on your PC and your > source IP is not known to Facebook (today). > > Another explanation is that numerous outbound TCP connections from an > ephemeral source port will generate return SYN-ACK packets coming back to > those multiple source ports... so perhaps your "IPS" isn't very > state-aware. If the destination ports are > 1024 and are in sequence, then > its likely that. > > Else it would be interesting to see the answers above. > > W > > > On 07/08/2012 4:55 PM, Shaun Curry wrote: > > I have noticed some weird “stuff” coming from facebook. My IPS blocked > a “Probable Port Scan” from a facebook address going directly to an > internal machine. Has anyone dealt with this before? How do I stop it > without totally blocking facebook?**** > > ** ** > > Shaun**** > > > _______________________________________________ > Pauldotcom mailing > [email protected]http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > > > > _______________________________________________ > Pauldotcom mailing > [email protected]http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
