HTTPS connection attempts from Facebook?
michael.odonnell at comcast.net
Mon Aug 6 11:31:58 EDT 2012
>> It's *just* a home connection? No services? Nuke the connection
> If you're on a network with DHCP (most residential connections),
> it's possible someone else wrote an app that points to a DNS
> name that points to your IP address. Still safe to nuke it.
When you say "nuke the connection attempt" do you mean
kill the process that's attempting to open the connection?
I can't, because it's an inbound connection and that process is
(apparently) somewhere inside Facebook. I only have control
over the response at my end which, in my case, is nothing at all
since the port is blocked, with failed attempts logged as shown.
An nmap scan of the machines behind my firewall currently shows
nothing (legitimate or otherwise) listening on port 443, so
I don't have any suspects to "nuke" at the moment here inside
I was mostly just wondering if these connection attempts are
examples of some intentional Facebook behavior, or whether I
should instead bring it to their attention as evidence that
one of their systems (or personnel) may have been compromised.
More information about the gnhlug-discuss