1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

DNS Server Logs - Insignt on DDoS

Discussion in 'Security' started by Iron Hide, Feb 26, 2013.

  1. #1
    Hi,
    SEMrush
    I am working on a school project where we are analyzing DNS logs for potential attacks. I know its DDoS attack but I want to go a little deep to get more insight of whats going on.

    Can someone please give me more insight on who is attacking and who's the target here for these couple logs:

    I know IP address (202.108.12.146) is coming from China, and its requesting root server, but who is the target here. Its also a DDoS attack but who are they targeting.?

    Looks same as above but IP address is from L.A and now its ./A/IN. Same question, who is the target and whats going on.

    This one is interesting:

    Does that mean Facebook is being attack and our DNS server is being used as botnet? I know its denying query bcoz recursion is off but still are they targeting FB here?

    I will really appreciate if anyone can provide me more info on there three lines.


    Thanks
     
    Iron Hide, Feb 26, 2013 IP
    SEMrush