D
David L.
Hi
I have spent quite a bit of effort trying to get a handle on IIS log entries
that contained this user agent signature EZI_HTTP_NETDEV_DISCOVER.
They failed, since the server does not allow anon access, and generated
security log entries of event = 529, with null user, and roving IP dresses.
It looks like a nasty, but it's not, I'm posting here so as to save future
searchers the hassle, hopefully google will pick it up soon.
David L. www.rabboar.com www.rbqaeng.com
From a post on the LinuxQuestions.org it turns out that it's:
Hi, my name is Scot Zarkiewicz and I am the CEO of SingleClick Systems. We
are the manufacturer of the tool that is in question in this thread. I wanted
to quickly describe to people what they are seeing. Dell Network Assistant
(AKA: HomeNet Manager, Network Now, Network Now Pro!) is a Home Networking
tool that provides, as one of its capabilities, a Network Scan feature, to
detect all the devices that are connected to the Home Network. When we find a
device we do probe port 80 to see if that device is exposing a management
interface. This actually provides for a very useful function to less
technically savy customers who may not know how to open a management
interface to a device such as a print server. Additionally we do probe the
router to determine what type of device the user has, and provide one click
access to this device as well. The URL that is mentioned above is used for
Internet Health monitoring to determine when the user has lost their
connection to the Internet (and take corrective action to resolve that
problem.) I wanted to reassure the readers of this message board that the
network traffic generated by our applications is not meant to be harmful in
anyway, and is only taking place to give the more novice user a simpler way
to setup and manage their Home Network. If there are additional questions or
concerns about this topic please don't hesitate to contact me directly at:
scotz@singleclicksystems.com
I have spent quite a bit of effort trying to get a handle on IIS log entries
that contained this user agent signature EZI_HTTP_NETDEV_DISCOVER.
They failed, since the server does not allow anon access, and generated
security log entries of event = 529, with null user, and roving IP dresses.
It looks like a nasty, but it's not, I'm posting here so as to save future
searchers the hassle, hopefully google will pick it up soon.
David L. www.rabboar.com www.rbqaeng.com
From a post on the LinuxQuestions.org it turns out that it's:
Hi, my name is Scot Zarkiewicz and I am the CEO of SingleClick Systems. We
are the manufacturer of the tool that is in question in this thread. I wanted
to quickly describe to people what they are seeing. Dell Network Assistant
(AKA: HomeNet Manager, Network Now, Network Now Pro!) is a Home Networking
tool that provides, as one of its capabilities, a Network Scan feature, to
detect all the devices that are connected to the Home Network. When we find a
device we do probe port 80 to see if that device is exposing a management
interface. This actually provides for a very useful function to less
technically savy customers who may not know how to open a management
interface to a device such as a print server. Additionally we do probe the
router to determine what type of device the user has, and provide one click
access to this device as well. The URL that is mentioned above is used for
Internet Health monitoring to determine when the user has lost their
connection to the Internet (and take corrective action to resolve that
problem.) I wanted to reassure the readers of this message board that the
network traffic generated by our applications is not meant to be harmful in
anyway, and is only taking place to give the more novice user a simpler way
to setup and manage their Home Network. If there are additional questions or
concerns about this topic please don't hesitate to contact me directly at:
scotz@singleclicksystems.com