Interesting log entries
Tony Toews
ttoews at telusplanet.net
Sun Dec 18 20:32:14 UTC 2005
Tony Toews <ttoews at telusplanet.net> wrote:
>From 15-Dec-2005 16:18:40.199 to 15-Dec-2005 16:33:38.308 I've got about 960
>virtually identical log entries.
>
>15-Dec-2005 16:18:40.199 client 213.146.173.33#46932: query: e.tn.co.za ANY ANY +E
>15-Dec-2005 16:18:41.121 client 213.146.173.33#63499: query: e.tn.co.za ANY ANY +E
>15-Dec-2005 16:18:42.012 client 213.146.173.33#55080: query: e.tn.co.za ANY ANY +E
>
>All from the same IP address. And looking back in the logs there are quite a number
>for this particular domain however different IP addresses. That is there will be
>hundreds of queries regarding this domain from one IP address and then hundreds of
>queries from another IP address regarding this same domain.
Could this be something misconfigured at the tn.co.za or is this some kind of DOS
attack using my DNS server as a proxy?
I'd think it's something badly misconfigured at the DNS entries for tn.co.ca. When I
visit http://msv.dk/ms174.asp put in e.tn.co.za for Host/domain name and then
ns1.genetic.co.za in Nameserver to ask I get a very interesting set of data. Don't
know how well this will come out in the newsgroup posting.
e.tn.co.za text =
"baadshah+silkk at efnet..........................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"..............................................................................................................................................................................................................................................................."
"................................................................................................................."
Tony
--
Tony Toews, Microsoft Access MVP
Please respond only in the newsgroups so that others can
read the entire thread of messages.
Microsoft Access Links, Hints, Tips & Accounting Systems at
http://www.granite.ab.ca/accsmstr.htm
More information about the bind-users
mailing list