| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: SVerma at ocwen.com (Verma, Sachin) Subject: DNS query??? Hi, I have a secondary dns server,which is internal to LAN and on windows 2000 that is generating a lot of queiries for all the 13 root dns servers.The traffic is blocked by the firewall.But the strange thing that I have noticed is that the source and destination port being the same i.e 53.Also the forwarder is correctly set on the DNS server and hence theoritically the querries need to be forwarded to the next DNS server. Any body got an idea as to what is this. S@[|-|i/\/ -----Original Message----- From: Paul Rolland [mailto:rol@...be.net] Sent: Tuesday, July 27, 2004 4:11 PM To: 'Paul Schmehl'; full-disclosure@...ts.netsys.com Subject: Re: FW: [Full-Disclosure] Question for DNS pros Hello, > > The machine sending the queries is probably configured to use > > your server as a complete DNS resolver and transfer all its queries > > to your server. > > > Umm...I don't *have* a server at that address. In fact, > there is no live > host at all at that address. *That*, after all, is the > entire point of > this thread. Understood, but this doesn't prevent someone from making a mistake when creating its configuration file... and if the resolver has more than one host (including yours), then failure from your machine will simply let him skip to next host, which in fact only slows down DNS resolution. Thus, people are likely to live with a broken configuration for long... Collect the source IP(s), find the admin and send him an email... Regards, Paul _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html *************************************************************** NOTICE OF CONFIDENTIALITY This E-mail message and its attachments (if any) are intended solely for the use of the addressee hereof. In addition, this message and the attachments (if any) may contain information that is confidential, privileged and exempt from disclosure under applicable law. If you are not the intended recipient of this message, you are prohibited from reading, disclosing, reproducing, distributing, disseminating or otherwise using this transmission. Delivery of this message to any person other than the intended recipient is not intended to waive any right or privilege. If you have received this message in error, please promptly notify the sender by reply E-mail and immediately delete this message from your system. ************************************************************************************************************************************* This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com **********************************************************************
Powered by blists - more mailing lists