[dns-operations] Odd MX queries
Daniel Stirnimann
daniel.stirnimann at switch.ch
Mon Mar 11 16:55:18 UTC 2013
On 11.03.13 15:24, Daniel Stirnimann wrote:
> Has anyone an idea what the source of this traffic pattern is? It's also
> interesting to note that quite a lot of 2nd-level queries result in
> NXDOMAIN responses.
Someone responded offlist to me. It's one of the messaging bots which is
causing this traffic which has a broken resolver.
McAfee Labs recently posted a nice summary of the messaging botnets:
http://blogs.mcafee.com/mcafee-labs/an-overview-of-messaging-botnets
Thanks,
Daniel
More information about the dns-operations
mailing list