North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: huh

  • From: Sean Donelan
  • Date: Tue Jan 15 16:24:18 2002

On Tue, 15 Jan 2002, Tim Devries wrote:
> Ok, well this is good to know.  Although it still doesn't explain why my
> firewall is reporting DNS UDP/TCP probes from on a regular
> basis.

A couple of possibilities
   - DNS cache poisoning sending spoofed answers to your DNS server (are
       you running a current version of BIND or an alternative?)
   - DDOS attack on using spoofed source packets (DNS
       and HTTP packets can tunnel through most firewall configurations)