"DNS_Windows_SMTP_Overflow" from WORLDNIC.COM DNS servers

CanHost webhostingcanada at gmail.com
Tue Jul 5 20:39:52 UTC 2005


Hello!

We are seeing continual daily probes to one of our DNS servers from
multiple IP's that are all WORLDNIC.COM (netsol) DNS.

The firewall is logging this event as "DNS_Windows_SMTP_Overflow". The
firewall log is showing: "len=28523" and "len=49256" and other
variations of this phrase. The probes are coming from
"ns91.worldnic.com" and others.

These are WINDOWS DNS that we are using. If anyone knows what this may
be or is also seeing this activity please let me know. I know the
premise of this vulnerability, and we are not open to it. I emailed
NETSOL about this and if they respond I will post it here. This started
happening about 5 days ago.

GB.



More information about the bind-users mailing list