Re: Unusual DNS requests (not related to previous DNS thread)

From: Greg A. Woods (woods@weird.com)
Date: 01/15/02


From: woods@weird.com (Greg A. Woods)
To: <measl@mfn.org>
Date: Tue, 15 Jan 2002 11:57:24 -0500 (EST)


[ On Monday, January 14, 2002 at 17:37:17 (-0600), measl@mfn.org wrote: ]
> Subject: Unusual DNS requests (not related to previous DNS thread)
>
> So far, so good. The request is for a PTR
> record: 0.xxx.xxx.xx.in-addr.arpa. No, that's not a typo, they are
> requesting reverse for the network address at .0. A packet capture shows
> absolutely nothing out of the ordinary, other than the freaky request, and
> the regularity of the requests, about one request every five seconds, round
> the clock.

It's not unusual at all. Please read RFC 1101.

-- 
								Greg A. Woods

+1 416 218-0098; <gwoods@acm.org>; <g.a.woods@ieee.org>; <woods@robohack.ca> Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>

---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com