[dns-operations] A lot of CNAME queries for domain ?
Mohamed Lrhazi
ml623 at georgetown.edu
Thu Jul 5 18:22:36 UTC 2012
Looking at it further, it does seem like the source IPs of these queries
are actually fake... as most seem to be consecutive IPs, like such:
74.125.126.86
74.125.126.85
74.125.126.84
74.125.126.83
...
Thanks,
Mohamed.
On Thu, Jul 5, 2012 at 2:10 PM, Mohamed Lrhazi <ml623 at georgetown.edu> wrote:
> Our domain is georgetown.edu, so as to remove any confusion regarding
> what I am seeing and what I am asking about...
>
> I actually see 1,500 queries, in a 15 min sample, of type CNAME for name:
> georgetown.edu
>
> The origin of the queries seems diversified... no single client has more
> than any other...
>
> Thanks,
> Mohamed.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20120705/ffc34962/attachment.html>
More information about the dns-operations
mailing list