Security Incidents mailing list archives
RE: Bogus DNS traffic
From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 22 Oct 2003 14:02:26 -0700
The malformation looks like a match. Since I'd only seen one random packet from each of a bunch of random source addresses, I was assuming the source was probably spoofed; this sounds like it might not be. (The MAC address that I reported as an internal server turns out to be the nearest internal ROUTER. So I don't know if the origin is internal to our network after all.) David Gillett
-----Original Message----- From: Jeff Bryner [mailto:jbryner1 () yahoo com] Sent: October 22, 2003 13:14 To: gillettdavid () fhda edu Subject: Re: Bogus DNS traffic Is it the widespread dns profiling that's been taking place? http://people.ists.dartmouth.edu/~gbakos/bindsweep/ jeff
--------------------------------------------------------------------------- FREE Whitepaper: Better Management for Network Security Looking for a better way to manage your IP security? Learn how Solsoft can help you: - Ensure robust IP security through policy-based management - Make firewall, VPN, and NAT rules interoperable across heterogeneous networks - Quickly respond to network events from a central console Download our FREE whitepaper at: http://www.securityfocus.com/sponsor/Solsoft_incidents_031015 ----------------------------------------------------------------------------
Current thread:
- RE: Bogus DNS traffic David Gillett (Oct 23)
- RE: Bogus DNS traffic Christopher L. Morrow (Oct 23)