The router does dns, normally everything is fine (except for the officially poisoned ones but that's a different subject.) There's an acl to deny any incoming connections to udp 43 except for my real dns servers. No problemo.
A while ago dropped the access-list to troubleshoot some stuff, in a short period of time I noticed a bunch of bogus entries in the dns cache :
It's not a problem cuz I cleared the phony hosts and turned the filter back on but curious about how this is done ? The phony ip's are from Korea ...
A while ago dropped the access-list to troubleshoot some stuff, in a short period of time I noticed a bunch of bogus entries in the dns cache :
Code: Select all
Host Port Flags Age Type Address(es)
Www.facEbook.com None (temp, OK) 0 IP 59.24.3.173
Www.youTube.com None (temp, OK) 1 IP 59.24.3.173
TwitteR.com NA (temp, OK) 1 IP 59.24.3.173
It's not a problem cuz I cleared the phony hosts and turned the filter back on but curious about how this is done ? The phony ip's are from Korea ...
two girls for every boy ...