[61892] in North American Network Operators' Group
Re: dns.exe virus?
daemon@ATHENA.MIT.EDU (Chris Lewis)
Mon Sep 8 17:27:59 2003
Date: Mon, 08 Sep 2003 17:30:28 -0400
From: "Chris Lewis" <clewis@nortelnetworks.com>
Cc: nanog@merit.edu
In-Reply-To: <001201c3764b$2575d590$1809d440@cpq>
Errors-To: owner-nanog-outgoing@merit.edu
Christopher J. Wolff wrote:
> Chris,
>
> It was really odd. Here is an example of what the two hosts .3 and .4
> were up to.
For grins, I ran that through our blacklist tool to see what it coughed up.
Nothing was on our blacklists.
Had rDNS's like *.google.com, *.akamai.com, sprintbbsd,
ns2.granitecanyon.com, DNS root servers and a few non-resolving IPs.
DNS resolution loop perchance?
