[169245] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: random dns queries with random sources

daemon@ATHENA.MIT.EDU (Joe Maimon)
Wed Feb 19 11:59:51 2014

Date: Wed, 19 Feb 2014 11:59:04 -0500
From: Joe Maimon <jmaimon@ttec.com>
To: "Beeman, Davis" <Davis.Beeman@integratelecom.com>,
 North American Networking and Offtopic Gripes List <nanog@nanog.org>
In-Reply-To: <2AF841AB78217140A2A394B2BB6D39C5037B41EE@IDCPRDMBX2.ads.integratelecom.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org



Beeman, Davis wrote:

> rather the authoritative name server in these domains is the rouge DNS server in use by the bad actor running a botnet.
>
> Davis Beeman
> Network Security Engineer



Somebody must be registering these domain names.

And I should be able to compile a list of the auth servers in question.

Joe


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[169245] in North American Network Operators' Group

Re: random dns queries with random sources

daemon@ATHENA.MIT.EDU (Joe Maimon)Wed Feb 19 11:59:51 2014

daemon@ATHENA.MIT.EDU (Joe Maimon)
Wed Feb 19 11:59:51 2014