[104928] in North American Network Operators' Group
Re: Large number of DNS probes in last 24 hours
daemon@ATHENA.MIT.EDU (Lynda)
Fri May 30 13:10:17 2008
Date: Fri, 30 May 2008 10:11:43 -0700
From: Lynda <shrdlu@deaddrop.org>
To: nanog@nanog.org
In-Reply-To: <alpine.NEB.1.10.0805301303240.1704@himring.draga.com>
Errors-To: nanog-bounces@nanog.org
Jim Wise wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I've seen a surprising number of attempted recursive DNS requests
> against unpublished non-recursive DNS servers in the last 24 hours or
> so, many of them obviously probes of some sort (query for "." IN NS,
> eg).
> Is anyone else seeing this? Is it new? Or did some botnet just reach
> this corner of the IP space?
Yes, no, and yes. I've seen this sort of thing severe enough that I
simply took the servers down for a day (yes, really), even considering
the severe inconvenience that caused.
--
Die Gedanken sind frei
