[Pdns-users] Queries .domain. Attack to root server?
bortzmeyer at nic.fr
Sun Dec 13 15:41:53 UTC 2015
On Sun, Dec 13, 2015 at 03:17:04PM +0000,
Federico Olivieri <lvrfrc87 at gmail.com> wrote
a message of 131 lines which said:
> I did sniff traffic and I saw some strange queries with .domain at the end
> of the name
Always use tcpdump with -n option... (hint: the last field is the
port, 53 in digits, domain in letters).
> If I do dig for one of those domains I can see that the query goes directly
> to root server.
Of course, since it searches for the .domain TLD.
More information about the Pdns-users