
nsagate.apple.com - algorithm_dk
https://www.robtex.com/advisory/dns/com/apple/nsagate/?deep=1#information
======
mostafaberg
I hardly think apple or any company are dumb enough to name their backdoor
publicly nsagate as a subdomain to their company's domain, it's probably some
kind of service, since apple prefixes lots of things with NS (NextStep), it
could also be initials for a billion other words, see
[http://www.acronymfinder.com/NSA.html](http://www.acronymfinder.com/NSA.html)

~~~
acqq
However, if it were for Next Step A:

> Ping request could not find host nsbgate.apple.com.

~~~
algorithm_dk
They also had salt.apple.com and pepper.apple.com. And still functional:
apple.apple.com

------
sjustinas
Spotted as early as 2001.

[http://lists.apple.com/archives/macos-x-
server/2001/Jun/msg0...](http://lists.apple.com/archives/macos-x-
server/2001/Jun/msg00342.html)

~~~
algorithm_dk
and has never been answered...

~~~
acqq
Still the same IP.

------
verandaguy
I wouldn't call this anything more than an educated guess - but maybe nsagate
stands for name server A-record gateway?

~~~
acqq
Anybody ever heard for such a kind of gateway?

~~~
verandaguy
I'm not implying it's standardized; it would just be a descriptive name.

------
doe88
or simply nsagate for nameserver A gate.

------
biot
A gateway between NextStep and Apple? Watch out for the NSArchiver class in
Foundation Framework.

------
sixothree
What ports are open?

~~~
joaomsa
Services could be hidden through the use of port knocking.

~~~
canadev
Cool, never heard of it.

"In computer networking, port knocking is a method of externally opening ports
on a firewall by generating a connection attempt on a set of prespecified
closed ports. Once a correct sequence of connection attempts is received, the
firewall rules are dynamically modified to allow the host which sent the
connection attempts to connect over specific port(s). A variant called Single
Packet Authorization exists, where only a single "knock" is needed, consisting
of an encrypted packet.[1][2]

The primary purpose of port knocking is to prevent an attacker from scanning a
system for potentially exploitable services by doing a port scan, because
unless the attacker sends the correct knock sequence, the protected ports will
appear closed."

[http://en.wikipedia.org/wiki/Port_knocking](http://en.wikipedia.org/wiki/Port_knocking)

