[nsp-sec] Suspicious DNS Activity
Ross, Jason
Jason.Ross at GlobalCrossing.com
Wed Jul 30 21:04:12 EDT 2008
"me too".
specifically (time is UTC):
31-Jul-2008 00:34:40.676 queries: client 194.85.88.199#17258: query: . IN ANY +
about 60-220 ms apart.
--
jason
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-
> bounces at puck.nether.net] On Behalf Of Kurt Jaeger
> Sent: Wednesday, July 30, 2008 12:58 PM
> To: nsp-security NSP
> Subject: Re: [nsp-sec] Suspicious DNS Activity
>
> ----------- nsp-security Confidential --------
>
> Hi!
>
> >> 25535 | 194.85.88.199 | ASN-RUCENTER-HOSTING Hosting Traffic
> >> exchange
> >
> > We're seeing the same here, mainly against customer resolvers.
>
> Same here.
>
> --
> MfG/Best regards, Kurt Jaeger 12 years
> to go !
> Dr.-Ing. Nepustil & Co. GmbH fon +49 7123 93006-0 pi at nepustil.net
> Rathausstr. 3 fax +49 7123 93006-99
> 72658 Bempflingen mob +49 171 3101372
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-
> security
> community. Confidentiality is essential for effective Internet security
> counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list