[BlueOnyx:05322] Re: DNS DDOS?
Greg Kuhnert
gkuhnert at compassnetworks.com.au
Fri Sep 3 21:45:38 -05 2010
On 4/09/2010 11:52 AM, Chris Gebhardt - VIRTBIZ Internet wrote:
> Hi Greg,
>
> Greg Kuhnert wrote:
>> I've been noticing some interesting log messages.... I am curious if
>> anyone else is seeing this pattern...
>>
>> cat /var/log/messages | grep named.*denied$
> I just checked across our hosting network and a couple customer boxes
> and found nothing.
I did some more digging, and found this...
http://isc.sans.edu/diary.html?storyid=5713
and also
http://isc.sans.edu/diary.html?storyid=5773
Its been around for a while, but they've just decided to use my servers
at the moment I guess. I've been seeing this for a couple of weeks
constantly. If anyone else is seeing this, I'd be interested to hear
details.
Regards,
Greg.
--
+---------------------------------------------------------------------+
| / \ Greg Kuhnert, gkuhnert at compassnetworks.com.au |
|< o> Compass Networks - Pointing you in the right direction |
| \ / Come see us for BlueQuartz / BlueOnyx modules& Support. |
+---------------------------------------------------------------------+
More information about the Blueonyx
mailing list