[dns-operations] DNS question
Jason Lewis
jlewis at packetnexus.com
Thu Oct 25 18:23:50 UTC 2012
Does anyone recognize what is going on here?
I suspect it's malicious, but I can't figure out what the goal is. Is
it just an attempt to hide bad guy infrastructure?
trexcil.info. IN NS ns3.urqwk.info.
trexcil.info. IN NS ns4.urqwk.info.
trexcil.info. IN NS ns1.rcbiil.info.
trexcil.info. IN NS ns2.rcbiil.info.
trexcil.info. IN CNAME d51.aczdmxkgr1ik.trexcil.info.
trexcil.info. IN CNAME d5a.b1w8xqzktn6h.trexcil.info.
trexcil.info. IN CNAME d5a.c5383kpdz8zo.trexcil.info.
trexcil.info. IN CNAME d5a.c8kn44b8axpm.trexcil.info.
trexcil.info. IN CNAME d5a.cztm14bsw1rn.trexcil.info.
trexcil.info. IN CNAME d5a.df81qezk2khs.trexcil.info.
trexcil.info. IN CNAME dv8.afyb1y7ihhix.trexcil.info.
trexcil.info. IN CNAME dva.beq1iktr59qe.trexcil.info.
trexcil.info. IN CNAME d518.adv3uyrx32g.trexcil.info.
<snip>
More information about the dns-operations
mailing list