|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Bogus DNS traffic
From: David Gillett (gillettdavid
fhda.edu)
Date: Wed Oct 22 2003 - 14:38:51 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I'm seeing random UDP packets to port 53 of random
internal IP addresses. The source IP addresses are
external, all over the map, although the one example
I've gotten a good capture of bore the source MAC
address of an internal server. (Whatever is spoofing
the IP address *could* be spoofing the MAC address, but
that would still indicate an origin inside our network....)
Does anyone recognize this?
David Gillett
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_incidents_031015
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]