Re: huh

• From: Sean Donelan
• Date: Tue Jan 15 16:24:18 2002

On Tue, 15 Jan 2002, Tim Devries wrote:
> Ok, well this is good to know.  Although it still doesn't explain why my
> firewall is reporting DNS UDP/TCP probes from windowupdate.com on a regular
> basis.

A couple of possibilities
   - DNS cache poisoning sending spoofed answers to your DNS server (are
       you running a current version of BIND or an alternative?)
   - DDOS attack on windowsupdate.com using spoofed source packets (DNS
       and HTTP packets can tunnel through most firewall configurations)

• Follow-Ups:
  • Re: huh Sean Donelan

• References:
  • Re: huh Tim Devries

• Prev by Date: Re: huh
• Next by Date: ipsrvtrace
• Date Index
• Thread Index
• Author Index
• Historical