nanog mailing list archives
Re: sober.z to hit tomorrow
From: Wil Schultz <wschultz () wilcomm net>
Date: Thu, 05 Jan 2006 20:01:09 -0800
FYI: I've set some traps on our DNS servers, dunno exactally what this means but I thought that I should share:
Jan 5 18:41:09 myServer named[24490]: client X.X.X.X#1192: query: arcor.de IN MX Jan 5 18:45:48 myServer named[24490]: client X.X.X.X#1034: query: freenet.de IN MX
These are the only two logs I have at this point. And I don't recall any other Sober searching for an email server.
-Wil Wil Schultz wrote:
Wouldn't it be fun if it contained the WMF exploit in some form?So, I'm planning on using swatch to monitor DNS requests for the known affected domains. What is everyone else planning to do?-Wil
Current thread:
- sober.z to hit tomorrow Wil Schultz (Jan 05)
- Re: sober.z to hit tomorrow Elijah Savage (Jan 05)
- Re: sober.z to hit tomorrow Jim Popovitch (Jan 05)
- Re: sober.z to hit tomorrow Wil Schultz (Jan 05)
- Re: sober.z to hit tomorrow Wil Schultz (Jan 05)