Site Navigation

Date:      Thu, 30 Jul 2009 07:58:17 -0700 (PDT)
From:      Roger Marquis <marquis@roble.com>
To:        freebsd-security@freebsd.org
Subject:   DNS probe sources
Message-ID:  <20090730145817.C45772B2157@mx5.roble.com>
In-Reply-To: <20090730120034.CD75610656CE@hub.freebsd.org>
References:  <20090730120034.CD75610656CE@hub.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

These source addresses are likely spoofed, but am still curious whether
other FreeBSD admins saw a preponderance of DNS probes originating from
Microsoft corp subnets ahead of the recent ISC bind vulnerability
announcement?

Roger Marquis


  Jul 28 16:51:23 PDT named[...]: client 94.245.67.253#10546: query (cache) 'output.txt/A/IN' denied
  Jul 28 16:51:23 PDT named[...]: client 94.245.67.253#10543: query (cache) 'output.txt/A/IN' denied
  Jul 28 16:51:18 PDT named[...]: client 94.245.67.253#10546: query (cache) 'output.txt/A/IN' denied
  Jul 28 16:51:18 PDT named[...]: client 94.245.67.253#10543: query (cache) 'output.txt/A/IN' denied
  Jul 28 16:51:13 PDT named[...]: client 94.245.67.253#10546: query (cache) 'output.txt/A/IN' denied
  Jul 28 16:51:13 PDT named[...]: client 94.245.67.253#10543: query (cache) 'output.txt/A/IN' denied
  Jul 28 16:51:08 PDT named[...]: client 94.245.67.253#10370: query (cache) '>/A/IN' denied
  Jul 28 16:51:08 PDT named[...]: client 94.245.67.253#10366: query (cache) '>/A/IN' denied
  Jul 28 16:51:03 PDT named[...]: client 94.245.67.253#10370: query (cache) '>/A/IN' denied
  Jul 28 16:51:03 PDT named[...]: client 94.245.67.253#10366: query (cache) '>/A/IN' denied
  Jul 28 16:50:58 PDT named[...]: client 94.245.67.253#10370: query (cache) '>/A/IN' denied
  Jul 28 16:50:58 PDT named[...]: client 94.245.67.253#10366: query (cache) '>/A/IN' denied
  Jul 28 07:25:45 PDT named[...]: client 207.46.57.240#37973: query (cache) 'output.txt/A/IN' denied
  Jul 28 07:25:45 PDT named[...]: client 207.46.57.240#37959: query (cache) '>/A/IN' denied
  ...
  Jul 27 23:24:47 PDT named[...]: client 94.245.67.253#55561: query (cache) 'output.txt/A/IN' denied
  Jul 27 23:24:32 PDT named[...]: client 94.245.67.253#55354: query (cache) '>/A/IN' denied
  Jul 27 15:10:33 PDT named[...]: client 207.46.57.240#17255: query (cache) 'output.txt/A/IN' denied
  Jul 27 15:10:33 PDT named[...]: client 207.46.57.240#17242: query (cache) '>/A/IN' denied
  ...
  Jul 24 07:21:22 PDT named[...]: client 94.245.67.253#15828: query (cache) 'output.txt/A/IN' denied
  Jul 24 07:21:07 PDT named[...]: client 94.245.67.253#15637: query (cache) '>/A/IN' denied
  Jul 24 06:10:30 PDT named[...]: client 207.46.57.240#59717: query (cache) 'output.txt/A/IN' denied
  Jul 24 06:10:30 PDT named[...]: client 207.46.57.240#59707: query (cache) '>/A/IN' denied
  ...

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090730145817.C45772B2157>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact