[dns-operations] Lots of queries for TXT records?
Ask Bjørn Hansen
ask at develooper.com
Wed Apr 8 04:53:14 UTC 2009
On Apr 7, 2009, at 20:23, Chris Adams wrote:
> I am seeing a lot of queries for TXT records for "deepholeforyou.info"
> from a number of clients (many making several dozen requests per
> second). Earlier, this was returning huge TXT records (I was seeing
> 4-5
> times as much traffic from my recursive server), but now they've been
> replaced by a CNAME to fworld.net (with no TXT records).
>
> Is there some virus/worm I haven't yet heard of causing this?
If the requests came from non-clients (or all from a very small set of
"senders") then it'd sound like your average amplification attack.
- ask
--
http://develooper.com/ - http://askask.com/
More information about the dns-operations
mailing list