North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: dns.exe virus?
> Christopher J. Wolff wrote: > > > Chris, > > > > It was really odd. Here is an example of what the two hosts .3 and .4 > > were up to. > > For grins, I ran that through our blacklist tool to see what it coughed up. > > Nothing was on our blacklists. > > Had rDNS's like *.google.com, *.akamai.com, sprintbbsd, > ns2.granitecanyon.com, DNS root servers and a few non-resolving IPs. > > DNS resolution loop perchance? From here, they all show up in the logs attemptin dynamic updates of the in-addr.arpa domain. :) Time to suck pkts... although I 'spect they are trying to perform stupid DNS tricks like: floss.local.in-addr.arpa. A 10.10.10.10 --bill
|