[176517] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: How to track DNS resolution sources

daemon@ATHENA.MIT.EDU (TR Shaw)
Wed Dec 3 11:32:17 2014

X-Original-To: nanog@nanog.org
From: TR Shaw <tshaw@oitc.com>
In-Reply-To: <CACK8u8JkhsqRFwu1izLju1X1adHAjY6iLOpF-_wUJY0PRFEUsA@mail.gmail.com>
Date: Wed, 3 Dec 2014 11:32:08 -0500
To: Notify Me <notify.sina@gmail.com>
Cc: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

On the command line:

host spoofed.host.name.com


On Dec 3, 2014, at 11:22 AM, Notify Me <notify.sina@gmail.com> wrote:

> Hi!
> 
> I hope I'm wording this correctly. I had a incident at a client site where
> a DNS record was being spoofed. How does one track down the IP address
> that's returning the false records ? What tool can one use?
> 
> Thanks!
> 
> 
> 
> 
> -- 
> Sent from MetroMail


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[176517] in North American Network Operators' Group

Re: How to track DNS resolution sources

daemon@ATHENA.MIT.EDU (TR Shaw)Wed Dec 3 11:32:17 2014

daemon@ATHENA.MIT.EDU (TR Shaw)
Wed Dec 3 11:32:17 2014