Hey all,
I have a local DNS caching server set up.
I also have a few local hostnames assigned ( Orion, Gemini, etc.) for different servers here.
I ran `dig orion` and `dig gemini` commands and received these unexpected replies:
orion. 10 IN A 23.202.231.166
orion. 10 IN A 23.217.138.107
gemini. 10 IN A 23.217.138.107
gemini. 10 IN A 23.202.231.166
These are not my IPs, nor are they IPs that I recognize.
These IPsseem to map back to Akamai Technologies.
At first, I thought they might be a default public DNS (root server or something), but these IPs do not respond to DNS queries, nor are they listening on port 53. (Note: They are open on port 22, 80.)
In addition, searching for the IPs in Google return multiple results that other people have had these IPs returned to them when resolving what should be a local hostname.
I did restart the local DNS services (which clears the local cache.) After the service restart I am not seeing these mystery IPs appearing anymore.
Any idea what is going on with these IPs? Is my local DNS cache being poisoned?
No comments:
Post a Comment