[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] DNS-requests
I've been logging a large number of domain-udp and domain-tcp packets trying to get in to our network. Most of the requests actually go to a specific (unused) address. This address used to hold a DNS-server once, and someone obviously remembers. The requests are seemingly coming from all over the net, including from other DNS-servers. What I am wondering is whether this is more likely to be someone spoofing the source addresses or whether they are using other, real DNS-servers to send these requests to us. (Is the latter, in fact, possible?) Is this a know attack of some sort? Cheers, Anders RM :) ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|