[OmniOS-discuss] port 10926
Dale Ghent
daleg at omniti.com
Thu Jun 11 18:29:03 UTC 2015
> On Jun 11, 2015, at 12:00 PM, Graham Stephens <graham at thestephensdomain.com> wrote:
>
> Guys,
>
> Is there something in OmniOS that 'phones home' occasionally?
>
> I happened to be looking at my ISP hub and noticed I had 59 attempts incoming to contact port 10926 from a Maryland U address. As I haven't had my OmniOS box on yet today, I was a bit surprised.
*incoming* packets? That wouldn’t be phoning home… it sounds more like a probing attempt. OmniOS doesn’t actively (or passively) phone home in any capacity, unless you do something such as run `pkg update -nv` from cron on a daily basis or something of the sort. That would be the closest thing to it, and quite deliberate at that.
It’s likely some umd host is misbehaving or is grossly misconfigured in some way.
Having ran infrastructure once at one of the UMD campuses, depending on what the IP resolves to might indicate some student project gone awry, a compromised host that’s scanning for specific stuff, or both.
Not knowing which campus your mystery packets are coming from, mailing security@<domain> is a generally reliable way of getting in touch with someone regardless of the campus (of which are many, each with their own domain… umd.edu, umbc.edu, umuc.edu, and so on)
/dale
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 494 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://omniosce.org/ml-archive/attachments/20150611/94b617c3/attachment.bin>
More information about the OmniOS-discuss
mailing list