RE: Bogus DNS traffic

From: David Gillett (gillettdavid_at_fhda.edu)
Date: 10/22/03

  • Next message: Brian Collins: "Re: Bogus DNS traffic" 
    To: <jeff@jeffbryner.com>
Date: Wed, 22 Oct 2003 14:02:26 -0700

      The malformation looks like a match. Since I'd only seen one
    random packet from each of a bunch of random source addresses,
    I was assuming the source was probably spoofed; this sounds like
    it might not be.
      (The MAC address that I reported as an internal server turns
    out to be the nearest internal ROUTER. So I don't know if the
    origin is internal to our network after all.)

    David Gillett

    > -----Original Message-----
    > From: Jeff Bryner [mailto:jbryner1@yahoo.com]
    > Sent: October 22, 2003 13:14
    > To: gillettdavid@fhda.edu
    > Subject: Re: Bogus DNS traffic
    >
    >
    > Is it the widespread dns profiling that's been taking place?
    >
    > http://people.ists.dartmouth.edu/~gbakos/bindsweep/
    >
    > jeff

    ---------------------------------------------------------------------------
    FREE Whitepaper: Better Management for Network Security

    Looking for a better way to manage your IP security?
    Learn how Solsoft can help you:
    - Ensure robust IP security through policy-based management
    - Make firewall, VPN, and NAT rules interoperable across heterogeneous
    networks
    - Quickly respond to network events from a central console

    Download our FREE whitepaper at:
    http://www.securityfocus.com/sponsor/Solsoft_incidents_031015
    ----------------------------------------------------------------------------

  • Next message: Brian Collins: "Re: Bogus DNS traffic"

    Relevant Pages

    • RE: Bogus DNS traffic
      ... > random packet from each of a bunch of random source addresses, ... Better Management for Network Security ...
      (Incidents)
    • SecurityFocus Microsoft Newsletter #50
      ... Subject: SecurityFocus Microsoft Newsletter #50 ... Specialist in Microsoft's Security Services Partner Program, ... Network Monitoring for Intrusion Detection ... Relevant URL: ...
      (Focus-Microsoft)
    • << SBS News of the week - Sept 26 >>
      ... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
      (microsoft.public.backoffice.smallbiz)
    • << SBS News of the week - Sept 26 >>
      ... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
      (microsoft.public.backoffice.smallbiz2000)
    • Re: << SBS News of the week - Sept 26 >>
      ... > And he points to the info you need to put the file on the server in the ... > at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... An attacker can exploit these flaws in tandem via specially ...
      (microsoft.public.backoffice.smallbiz2000)