[dns-operations] random queries

Willy Manga willym at manbene.net
Sat Mar 15 14:58:53 UTC 2025


Hi,

> Date: Sat, 15 Mar 2025 12:12:17 +0100
> From: Hans Mayer <isc at ma.yer.at>
> To: dns-operations at dns-oarc.net
> Subject: random queries
> Message-ID: <b381c5fe-1bfb-472d-ad89-a7e9801a452a at ma.yer.at>
> Content-Type: text/plain; charset="utf-8"; Format="flowed"
> 
> 
> Dear All,
> 
> I saw in the past increased queries for random names. For example from
> this IP 60.26.63.253
> It comes in at about half-minute intervals and doesn't make sense to me at
> all. I find it over weeks in the logs.
> Any ideas for what this should be useful?

I don’t know either, but I’ve noticed the same behavior from several 
resolvers I use. I’ve received a large number of queries from two IPs 
(60.26.63.253, 60.26.67.97) within the range 60.24.0.0/14, similar to 
this one:
https://paste.debian.net/1363290/

Since March 1, 2025, there have been queries for a total of 14,326 
random domains. I can provide more details on the queries if needed.


-- 
Willy Manga

