[ posted for a non-nanog friend who is definitely a respected security wonk -- rb ] All: I'm currently doing a study of software upgrading behavior with an eye to figuring out what variables cause people to upgrade or otherwise. Unfortunately, this requires doing some probing of the sampled systems (about 900). I've carefully designed these probes not to cause any damage but there's a real probability that they will raise some IDS alarm bells. The source netblocks these scans are coming from are: 198.144.203.240/28 198.144.201.112/29 I want to apologize for any inconvenience or concern this might have caused or will cause. If you notice any actual damage arising from this testing, please let me know immediately so I can appopriately modify my sensors. Thanks, -Ekr -- [Eric Rescorla ekr@rtfm.com] http://www.rtfm.com/