Peculiar DNS queries
Reindl Harald
h.reindl at thelounge.net
Sun Dec 22 17:31:07 UTC 2019
Am 22.12.19 um 18:28 schrieb Paul Kosinski via bind-users:
> Every so often, we get a run of peculiar queries to our (BIND / named)
> DNS server. Note the apparently random mix of lower case and upper case
> letters in the domain names.
>
> Does anybody have any idea why somebody would be doing this? (It's
> legal, I guess, but quite non-standard.)
>
> Dec 22 12:05:43 iment0 named[10333]: client 134.0.217.68#20012 (Www.IMent.coM): query: Www.IMent.coM IN AAAA -E (216.55.100.246)
>
> Dec 22 12:05:44 iment0 named[10333]: client 134.0.217.54#53150 (Www.iMent.Com): query: Www.iMent.Com IN AAAA -E (216.55.100.246)
>
> Dec 22 12:05:44 iment0 named[10333]: client 134.0.217.53#27016 (WWw.imENT.cOm): query: WWw.imENT.cOm IN A -E (216.55.100.245)
>
> Dec 22 12:05:44 iment0 named[10333]: client 134.0.217.69#23417 (WWw.IMeNt.cOM): query: WWw.IMeNt.cOM IN A -E (216.55.100.245)
because it#s some idiotic bot, typical network noise
[harry at srv-rhsoft:~]$ whois 216.55.100.246
NetRange: 216.55.96.0 - 216.55.111.255
CIDR: 216.55.96.0/20
NetName: SMSV-BLK-1
NetHandle: NET-216-55-96-0-1
Parent: NET216 (NET-216-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Smart Servers (SMSV)
More information about the bind-users
mailing list