Re: Strange DNS queries



I am totally amazed at the number of email bounces I received from my single post to the list. I hardly post to large mailing lists anymore because I spend the next week deleting bounces.

A lot of lists have moved to trolling for bounces, is anyone doing that for this list?

Jason Lewis wrote:
This link has info.

http://deluvian.doxpara.com/


Alexander Klimov wrote:

We see some random DNS queries: 209.200.168.66 routinely asks us about

license.sunncomm2.com
connected.sonymusic.com
updates.xcp-aurora.com
r1x.myz.info
a.botdot.tk
brandonsisco.com
<some-base64-like-here>.deluvian.doxpara.com
<some-base64-like-here>.<digits-here>.maddns.net
etc.

And it looks like we are not the only target:
<http://www.google.com/search?q=%22209.200.168.66%22>

There are only few requests per hour, but this is a steady stream
since the beginning of the month (plus there was some portscan with
even slower rate).  We can easily block them by firewall, but it is
interesting what they actually try to acheive?

I know about sonymusic rootkit search, but what about the other sites?