[dns-operations] Botnets, botnets everywhere

Peter Andreev andreev.peter at gmail.com
Thu Sep 11 14:55:48 UTC 2014


That's exactly my case with the only difference - mathematics doesn't
work for me. However I like author's idea and going to try to find
similar coincedences.

2014-09-11 17:11 GMT+04:00 Stephane Bortzmeyer <bortzmeyer at nic.fr>:
> On Thu, Sep 11, 2014 at 04:38:25PM +0400,
>  Peter Andreev <andreev.peter at gmail.com> wrote
>  a message of 29 lines which said:
>
>> a lot of very weird queries, like the following:
>>
>> 16:11:41.450794 IP 217.195.66.253.37426 > 62.76.76.62.53: 42580+ A?
>> swfjwvtkhqx.www.feile8888.com. (47)
>> 16:11:41.450796 IP 91.209.124.75.50584 > 62.76.76.62.53: 37269+ [1au]
>> A? izhsccxedub.www.feile666.com. (57)
>
> Looks like the "random qnames" attack <http://www.michael-joost.de/dnsterror.html>
>



-- 
Is there any problem Exterminatus cannot solve? I have not found one yet.



More information about the dns-operations mailing list