Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

NIOS DNS DHCP IPAM

Reply

Querying to nonexist domain, but get noerror respond

Superuser
Posts: 105
1608     0

Hi,

 

I get some first experience finding when i try to query a non-existent domain the auth DNS response with no-error. below the capture dig response sample: (abc.co.id as example)

 

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.7 <<>> A +additional asdf.abc.co.id. @8.8.4.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21196
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;asdf.abc.co.id. IN A

;; AUTHORITY SECTION:
abc.co.id. 1799 IN SOA ns1.abc.net. postmaster.no.email.please. 399010820 3600 600 2592000 3600

;; Query time: 579 msec
;; SERVER: 8.8.4.4#53(8.8.4.4)
;; WHEN: Tue Jul 7 10:10:53 2020
;; MSG SIZE rcvd: 127

 

Does anybody have explanation on this?

 

Thanks

Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Demo: Infoblox IPAM plug-in integration with OpenStack Newton