DNS scans by IANA

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

DNS scans by IANA

From: Andrew Fried
Date: Fri Oct 03 09:29:29 2003

Anyone have any idea why a host from IANA would be scanning DNS servers?

;; AUTHORITY SECTION:
4.32.198.in-addr.arpa. 10551 IN SOA dot.ip4.int. hostmaster.ip4.int. 1928630 10800 900 604800 86400

10/03-01:29:45.947001 [**] [1:1616:4] DNS named version attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 198.32.4.13:33581 -> 63.105.37.21:53
10/03-01:29:46.257443 [**] [1:255:8] DNS zone transfer TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.32.4.13:39050 -> 63.105.37.21:53
10/03-01:29:46.544719 [**] [1:1616:4] DNS named version attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 198.32.4.13:33623 -> 63.105.37.20:53
10/03-01:29:47.067072 [**] [1:255:8] DNS zone transfer TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.32.4.13:39057 -> 63.105.37.20:53
10/03-01:57:47.356984 [**] [1:1616:4] DNS named version attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 198.32.4.13:56229 -> 63.105.37.20:53
10/03-01:57:47.762762 [**] [1:255:8] DNS zone transfer TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.32.4.13:46196 -> 63.105.37.20:53
10/03-02:01:02.332948 [**] [1:1616:4] DNS named version attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 198.32.4.13:36697 -> 63.105.37.20:53
10/03-02:01:02.739583 [**] [1:255:8] DNS zone transfer TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.32.4.13:47061 -> 63.105.37.20:53
10/03-02:01:59.042381 [**] [1:1616:4] DNS named version attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 198.32.4.13:39008 -> 63.105.37.20:53
10/03-02:01:59.455718 [**] [1:255:8] DNS zone transfer TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.32.4.13:47296 -> 63.105.37.20:53
10/03-02:05:01.297316 [**] [1:1616:4] DNS named version attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 198.32.4.13:46251 -> 63.105.37.20:53
10/03-02:05:01.710271 [**] [1:255:8] DNS zone transfer TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.32.4.13:48067 -> 63.105.37.20:53
10/03-02:05:28.770286 [**] [1:1616:4] DNS named version attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 198.32.4.13:47507 -> 63.105.37.20:53
10/03-02:05:29.326121 [**] [1:255:8] DNS zone transfer TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.32.4.13:48191 -> 63.105.37.20:53
10/03-02:05:44.704398 [**] [1:1616:4] DNS named version attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 198.32.4.13:48082 -> 63.105.37.20:53
10/03-02:05:45.755863 [**] [1:255:8] DNS zone transfer TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.32.4.13:48244 -> 63.105.37.20:53
10/03-02:10:20.499887 [**] [1:1616:4] DNS named version attempt [**] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 198.32.4.13:57711 -> 63.105.37.20:53
10/03-02:10:20.906450 [**] [1:255:8] DNS zone transfer TCP [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.32.4.13:49232 -> 63.105.37.20:53

Follow-Ups:
- Re: DNS scans by IANA John L Crain
- Re: DNS scans by IANA Jared Mauch

Prev by Date: Re: Alternative Satellite news feed needed
Next by Date: Re: DNS scans by IANA
Date Index
Thread Index
Author Index
Historical