DNS poison attack by OpenDNS ??

vijayind · #1 February 27th, 2009, 05:08 AM

I just checked my logs on ESS v4 and it says that it found a DNS poison attack. But the DNS server mentioned is OpenDNS

I am guessing something, a flaw here ..

Code:

		
2/27/2009 1:00:39 PM	Detected DNS cache poisoning attack	208.67.220.220:53	192.168.*.**1:57507	UDP			
2/27/2009 1:00:29 PM	Detected DNS cache poisoning attack	208.67.220.220:53	192.168.*.**1:56003	UDP			
2/27/2009 12:52:04 PM	Detected DNS cache poisoning attack	208.67.220.220:53	192.168.*.**1:64203	UDP			
2/27/2009 12:52:01 PM	Detected DNS cache poisoning attack	208.67.220.220:53	192.168.*.**1:62710	UDP			
2/27/2009 12:32:50 PM	Detected DNS cache poisoning attack	208.67.220.220:53	192.168.*.**1:63525	UDP

Specs:
Vista SP1 (32-bit)
ESS v4 beta
Mamutu
OpenDNS

Novicex · #2 March 4th, 2009, 09:37 AM

This is normal, dont worry, this not an attack. But possibly if there is to many records in short of time (every 1-10 seconds) is ...... dont get crazy.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search