strange messages from BIND 8.3.3
Alessandro de Manzano
demanzano at playstos.com
Tue Jul 2 16:32:06 UTC 2002
On Tue, 02 Jul 2002 11:49:37 -0400, Tom Weathers wrote:
>
>I noticed just now I too am receiving burst of packets
>from the same location a204-248-36-130.deploy.-
>akamaitechnologies.com. My bursts are ALSO of
>117 messages at a time.
>
>My messages started today..moved to 8.3.3 last night.
>
>Thanks for any info.
well, according to the BIND messages list (see Mr. Treptow's answer to
my original mail) this is a malformed packet coming from a non-standard
DNS implementation.
I don't know if this means they are libc resolver bug's exploit
tentatives or simply a flawed remote DNS server...
However seems that their risk impact is low, fortunately.
We'll see how they'll evolve...
Alessandro de Manzano
Senior System & Network Administrator
Playstos - TIMA S.p.A.
Corso Sempione 63
20149 Milano, Italy
tel.: +39-023314153
fax: +39-02315678
email: demanzano at playstos.com
http://www.playstos.com
More information about the bind-users
mailing list