[nsp-sec] zapto.org high dns query rate possible attack and 0/0 ??

Stephen Gill gillsr at cymru.com
Tue Aug 2 15:47:06 EDT 2011

Previous message: [nsp-sec] zapto.org high dns query rate possible attack and 0/0 ??
Next message: [nsp-sec] zapto.org high dns query rate possible attack and 0/0 ??
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I knew they were a dyn-dns provider. Why would they be returning 0.0.0.0 as
> the ip for a fqdn?
> It causes traffic towards that FQDN to be blackholed.

Probably intentional blackholing of that subdomain

They've been known to use a few different ranges for nuked RRs.

-- steve

Previous message: [nsp-sec] zapto.org high dns query rate possible attack and 0/0 ??
Next message: [nsp-sec] zapto.org high dns query rate possible attack and 0/0 ??
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the nsp-security mailing list