Blocking port 7 from latency probes...

Jeff Taylor NjOeSfPfAtM at Mou.edu
Thu Sep 30 19:34:18 UTC 1999


Barry,

>In article <37f237fe.512055306 at ounews.ou.edu>,
>Jeff Taylor <NjOeSfPfAtM at Mou.edu> wrote:
>>Am I the only one that is getting tired of the latency probes to tcp
>>port 7 on my dns servers? I have traced it down to DoubleClick.Net
>>using the app Global Dispatch from Resonate. I tried explaining my
>>objections to both DoubleClick & Resonate, but they fell upon deaf &
>>stupid ears. Here is the last e-mail:
>
>Is your objection that they probe at all, or that they use TCP port 7?
>I.e. would you be happier if it used ICMP Echo (i.e. ping)?  If yo don't
>want them to probe at all, how do you propose they do latency measurements
>so that they can redirect you to the closest server?  I suggest you get
>used to this general type of thing: besides Global Dispatch, there's also
>Distributed Director from Cisco that does similar stuff; it uses TCP port
>53, I presume on the assumption that the DNS query is coming from the
>site's or ISP's caching nameserver, so this port is likely to be open.

I object that they are probing my machines on seldom used ports &
assuming it is acceptable to me. Yes, everybody gets scanned & probed
all the time. But, in just a 12 hour time span, I logged 70+
connection attempts. If the use of their product increases, how many
connection attempts could I start seeing? I have also seen similar
latency measuring activity to ports 19 & 21 as well. 

Another thing that ticks me off is their attitude. They try to come
across with the fact that they are helping me provide my users with a
better network experience. Bull-shit! They are trying to impress their
potential customers with the benefits of using their product. Why not
be a man & not a sales/marketing dweeb & admit the fact. Maybe then
I'll have a little respect for them.

I am all in favor of latency testing throughout the Internet. In fact,
I have a box on my network now that is dedicated as a probe for a
project on Internet2. Why not try to marshall support for a standards
based probe array instead of just scanning what ever will answer. Is
that to much to ask?




More information about the bind-users mailing list