Re: Google chrome sending strange DNS queries

[TAS <p0wnsauc3 () gmail com>]

Start Chrome and start Wireshark. Apply the filter udp.port==5355

For Link Local Multicast Name Resolution protocol (LLMNR) protocol you
will similar output in wireshark.

http://en.wikipedia.org/wiki/Link-local_Multicast_Name_Resolution

This protocol was implemented Windows Vista onwards, so you should
this in Windows Server 2008 and Windows 7 as well.

-
TAS
http://twitter.com/p0wnsauc3




On 19 May 2011 17:50, Sherwyn <infolookup () gmail com> wrote:
> Interesting I will have to test this one and see. I know recently someone did a writeup about Microsoft doing a 
> similar phone home when you launch I.E  so it can verify you internet connection.
>
> http://blog.superuser.com/2011/05/16/windows-7-network-awareness/
> Infolookup
> http://infolookup.securegossip.com
> www.twitter.com/infolookup
>
>
> -----Original Message-----
> From: Eric <dkn4a1 () gmail com>
> Sender: full-disclosure-bounces () lists grok org uk
> Date: Thu, 19 May 2011 02:37:35
> To: <full-disclosure () lists grok org uk>
> Subject: [Full-disclosure] Google chrome sending strange DNS queries
>
> Greetings,
>
> Has anyone ever noticed, the sort of DNS queries when you fire/running
> Google-chrome?
> The DNS queries for domain names likes:
> bsjghxplor
> hrrtjswxtt
> epjyptuure
>
> etc.
>
> Behavior has been observed on Linux as well as Windows systems.
> See the attached screenshot of wireshark dump.
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/