Security Incidents mailing list archives
Re: DNS update queries: another sort of suspicious activity.
From: Gn0 () DATASURGE COM (Data_surge)
Date: Fri, 4 Feb 2000 16:20:09 +1100
On Sat, 29 Jan 2000, you wrote:
On Fri, Jan 28, 2000 at 11:20:08PM +0300, Fyodor wrote:On Fri, 28 Jan 2000, Patrick Oonk wrote: ~ Fydor, ~ ~ this seems to be a 'feature' of Windows 2000. ~ If you had portscanned the offending box you might ~ have seen it was a Win2k box. ~ Wow.. then it must be full of surprises. :) Notice that 192.168.0.4 is a non-routable IP address, so it could be someone's sick firewall which allowed the iternal network to send sick UDP datagrams out.I assumed the ip number to be an example :)
Acually that ip is the one of the default netmaks for a win2k box "i think". not a 100% shure can someone verify this . Thanks.. yes i know 255.x.x..xxx.x. is the one we are accalimed to but i think micro$oft is going for the security in mind look aparenty they are even including 128 bit crypto. witch is ok ????
Current thread:
- Re: DNS update queries: another sort of suspicious activity. Flynn, Harold M. III (Jan 31)
- Re: DNS update queries: another sort of suspicious activity. H D Moore (Feb 10)
- <Possible follow-ups>
- Re: DNS update queries: another sort of suspicious activity. Rob Quinn (Jan 31)
- Re: DNS update queries: another sort of suspicious activity. Kevin (Sparty) Broderick (Jan 31)
- Re: DNS update queries: another sort of suspicious activity. Bill Royds (Feb 01)
- Re: DNS update queries: another sort of suspicious activity. Data_surge (Feb 03)