[wplug] Very strange DNS activity
Poyner, Brandon
bpoyner at ccac.edu
Thu Jul 28 14:35:20 EDT 2005
> 6# dig treas.tpaq.treasury.gov
>
> ; <<>> DiG 8.3 <<>> treas.tpaq.treasury.gov
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63387
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;; treas.tpaq.treasury.gov, type = A, class = IN
>
> ;; AUTHORITY SECTION:
> tpaq.treasury.gov. 2h54m59s IN SOA st3dns.usmint.gov.
> hostmaster.st3dns.usmint.gov. (
> 2005072814 ; serial
> 8H ; refresh
> 2H ; retry
> 1W ; expiry
> 1D ) ; minimum
>
>
> ;; Total query time: 20 msec
> ;; FROM: pa-plum1b-166.pit.adelphia.net to SERVER: 68.168.160.2
The name server nscache1.pittpa.adelphia.net returned a NXDOMAIN
(non-existent domain) for treas.tpaq.treasury.gov. You can see that it
had done the recursion up to the tpaq.treasury.gov name servers, as it
returned the SOA for that domain. You get a similar answer if you "dig
@ns1.google.com blah.google.com" I suspect the error was on the
government's side.
Brandon Poyner
Network Engineer III
CCAC - College Office
412-237-3086
More information about the wplug
mailing list