[lug] CHAOS
Atkinson, Chip
CAtkinson at Circadence.com
Tue Feb 27 15:33:48 MST 2001
Don't know for sure, but there is netstat -tc, which gives a constant (the
-c) update of who is connected. You might also want to look at ntop, which
is pretty useful.
Chip
> -----Original Message-----
> From: charles at lunarmedia.net [mailto:charles at lunarmedia.net]
> Sent: Tuesday, February 27, 2001 3:32 PM
> To: LUG-DISCUSS
> Subject: [lug] CHAOS
>
>
> guys-
> i've got a guy doing lookups on my nameserver with class=CHAOS and
> type=TXT. i think there is an exploit where if you do a
> lookup on "bind"
> or something like that it returns the version of bind you're running.
>
> i have a timestamp for when the guy is trying the query, any
> suggestions
> on how i can grab his ip addr?
>
> thanks -cjm
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>
More information about the LUG
mailing list