Malformed DNS request detected

From: Nicky (hackeras_at_gmail.com)
Date: 08/06/05


Date: Sat, 06 Aug 2005 15:28:10 +0300

Today 2 hours now Outpost keep alerting em for this type of attack.

3:27:41 ìì DNS Cache Report Malformed DNS request detected from:
IP:10.0.0.1, port:4672 to: IP:202.107.245.11, port:53
3:27:41 ìì DNS Cache Report Malformed DNS request detected from:
IP:10.0.0.1, port:4672 to: IP:202.98.116.66, port:53
3:27:40 ìì DNS Cache Report Malformed DNS request detected from:
IP:10.0.0.1, port:4672 to: IP:202.98.116.66, port:53
3:27:40 ìì DNS Cache Report Malformed DNS request detected from:
IP:10.0.0.1, port:4672 to: IP:202.107.245.11, port:53
3:27:36 ìì DNS Cache Report Malformed DNS request detected from:
IP:10.0.0.1, port:4672 to: IP:202.98.116.66, port:53

and so on.

Whats going on?



Relevant Pages

  • Strange loopback in firefox.
    ... I was wondering if anyone could give me their opinion of Agnitums Outpost ... described as heavy attack from outside IP addresses. ... either using the Microsoft_DS port or epmap port to connect). ... For example a connection from port 3014 to 3015 and the next entry ...
    (Security-Basics)
  • Re: Attack detection in Kerio PF
    ... > good firewalls ... > like to be able to see a log of the supposed nature of the attack, ... > originating IP - in Sygate and Outpost this was no problem. ...
    (comp.security.firewalls)
  • Re: Attack detection in Kerio PF
    ... > good firewalls ... > like to be able to see a log of the supposed nature of the attack, ... > originating IP - in Sygate and Outpost this was no problem. ...
    (comp.security.firewalls)
  • Re: Comodo Personal Firewall
    ... that vulnerability was fixed shortly after its discovery hence can't do ... the attack described. ... We have certain things in place for alerting to ... sudden increases in bandwidth usage etc. ...
    (comp.security.firewalls)
  • RE: Honeypot Server
    ... When I said Alerting I meant that I should be able to sense the attack when ... Subject: Honeypot Server ... honeypots are not for alerting. ... Can you advise what is the best honeypot server available ...
    (Security-Basics)