RE: Bogus DNS traffic

["David Gillett" <gillettdavid () fhda edu>]

  The malformation looks like a match.  Since I'd only seen one
random packet from each of a bunch of random source addresses,
I was assuming the source was probably spoofed; this sounds like
it might not be.
  (The MAC address that I reported as an internal server turns
out to be the nearest internal ROUTER.  So I don't know if the 
origin is internal to our network after all.)

David Gillett

> -----Original Message-----
> From: Jeff Bryner [mailto:jbryner1 () yahoo com]
> Sent: October 22, 2003 13:14
> To: gillettdavid () fhda edu
> Subject: Re: Bogus DNS traffic
>
>
> Is it the widespread dns profiling that's been taking place?
>
> http://people.ists.dartmouth.edu/~gbakos/bindsweep/
>
> jeff


---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console

Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_incidents_031015
----------------------------------------------------------------------------