DNSアンプ攻撃観測 (kiddy3233655.ru ANY)
よく見る形の204.46.43/24 の A レコードが大量に割り当てられている怪しいドメイン.
$ dig @127.0.0.1 kiddy3233655.ru any ;; Truncated, retrying in TCP mode. ; <<>> DiG 9.7.6-P1 <<>> @127.0.0.1 kiddy3233655.ru any ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27105 ;; flags: qr rd ra; QUERY: 1, ANSWER: 242, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;kiddy3233655.ru. IN ANY ;; ANSWER SECTION: kiddy3233655.ru. 43200 IN A 204.46.43.1 kiddy3233655.ru. 43200 IN A 204.46.43.2 kiddy3233655.ru. 43200 IN A 204.46.43.3 kiddy3233655.ru. 43200 IN A 204.46.43.4 kiddy3233655.ru. 43200 IN A 204.46.43.5 kiddy3233655.ru. 43200 IN A 204.46.43.6 kiddy3233655.ru. 43200 IN A 204.46.43.7 kiddy3233655.ru. 43200 IN A 204.46.43.8 kiddy3233655.ru. 43200 IN A 204.46.43.9 kiddy3233655.ru. 43200 IN A 204.46.43.10 kiddy3233655.ru. 43200 IN A 204.46.43.11 kiddy3233655.ru. 43200 IN A 204.46.43.12 kiddy3233655.ru. 43200 IN A 204.46.43.13 kiddy3233655.ru. 43200 IN A 204.46.43.14 kiddy3233655.ru. 43200 IN A 204.46.43.15 kiddy3233655.ru. 43200 IN A 204.46.43.16 kiddy3233655.ru. 43200 IN A 204.46.43.17 kiddy3233655.ru. 43200 IN A 204.46.43.18 kiddy3233655.ru. 43200 IN A 204.46.43.19 kiddy3233655.ru. 43200 IN A 204.46.43.20 kiddy3233655.ru. 43200 IN A 204.46.43.21 kiddy3233655.ru. 43200 IN A 204.46.43.22 kiddy3233655.ru. 43200 IN A 204.46.43.23 kiddy3233655.ru. 43200 IN A 204.46.43.24 kiddy3233655.ru. 43200 IN A 204.46.43.25 kiddy3233655.ru. 43200 IN A 204.46.43.26 kiddy3233655.ru. 43200 IN A 204.46.43.27 kiddy3233655.ru. 43200 IN A 204.46.43.28 kiddy3233655.ru. 43200 IN A 204.46.43.29 kiddy3233655.ru. 43200 IN A 204.46.43.30 kiddy3233655.ru. 43200 IN A 204.46.43.31 kiddy3233655.ru. 43200 IN A 204.46.43.32 kiddy3233655.ru. 43200 IN A 204.46.43.33 kiddy3233655.ru. 43200 IN A 204.46.43.34 kiddy3233655.ru. 43200 IN A 204.46.43.40 kiddy3233655.ru. 43200 IN A 204.46.43.41 kiddy3233655.ru. 43200 IN A 204.46.43.42 kiddy3233655.ru. 43200 IN A 204.46.43.43 kiddy3233655.ru. 43200 IN A 204.46.43.44 kiddy3233655.ru. 43200 IN A 204.46.43.45 kiddy3233655.ru. 43200 IN A 204.46.43.46 kiddy3233655.ru. 43200 IN A 204.46.43.47 kiddy3233655.ru. 43200 IN A 204.46.43.48 kiddy3233655.ru. 43200 IN A 204.46.43.49 kiddy3233655.ru. 43200 IN A 204.46.43.50 kiddy3233655.ru. 43200 IN A 204.46.43.51 kiddy3233655.ru. 43200 IN A 204.46.43.52 kiddy3233655.ru. 43200 IN A 204.46.43.53 kiddy3233655.ru. 43200 IN A 204.46.43.54 kiddy3233655.ru. 43200 IN A 204.46.43.55 kiddy3233655.ru. 43200 IN A 204.46.43.56 kiddy3233655.ru. 43200 IN A 204.46.43.57 kiddy3233655.ru. 43200 IN A 204.46.43.58 kiddy3233655.ru. 43200 IN A 204.46.43.59 kiddy3233655.ru. 43200 IN A 204.46.43.60 kiddy3233655.ru. 43200 IN A 204.46.43.61 kiddy3233655.ru. 43200 IN A 204.46.43.62 kiddy3233655.ru. 43200 IN A 204.46.43.63 kiddy3233655.ru. 43200 IN A 204.46.43.64 kiddy3233655.ru. 43200 IN A 204.46.43.65 kiddy3233655.ru. 43200 IN A 204.46.43.66 kiddy3233655.ru. 43200 IN A 204.46.43.67 kiddy3233655.ru. 43200 IN A 204.46.43.68 kiddy3233655.ru. 43200 IN A 204.46.43.69 kiddy3233655.ru. 43200 IN A 204.46.43.70 kiddy3233655.ru. 43200 IN A 204.46.43.71 kiddy3233655.ru. 43200 IN A 204.46.43.72 kiddy3233655.ru. 43200 IN A 204.46.43.73 kiddy3233655.ru. 43200 IN A 204.46.43.74 kiddy3233655.ru. 43200 IN A 204.46.43.75 kiddy3233655.ru. 43200 IN A 204.46.43.76 kiddy3233655.ru. 43200 IN A 204.46.43.77 kiddy3233655.ru. 43200 IN A 204.46.43.78 kiddy3233655.ru. 43200 IN A 204.46.43.79 kiddy3233655.ru. 43200 IN A 204.46.43.80 kiddy3233655.ru. 43200 IN A 204.46.43.81 kiddy3233655.ru. 43200 IN A 204.46.43.82 kiddy3233655.ru. 43200 IN A 204.46.43.83 kiddy3233655.ru. 43200 IN A 204.46.43.84 kiddy3233655.ru. 43200 IN A 204.46.43.85 kiddy3233655.ru. 43200 IN A 204.46.43.86 kiddy3233655.ru. 43200 IN A 204.46.43.87 kiddy3233655.ru. 43200 IN A 204.46.43.88 kiddy3233655.ru. 43200 IN A 204.46.43.89 kiddy3233655.ru. 43200 IN A 204.46.43.90 kiddy3233655.ru. 43200 IN A 204.46.43.91 kiddy3233655.ru. 43200 IN A 204.46.43.92 kiddy3233655.ru. 43200 IN A 204.46.43.93 kiddy3233655.ru. 43200 IN A 204.46.43.94 kiddy3233655.ru. 43200 IN A 204.46.43.95 kiddy3233655.ru. 43200 IN A 204.46.43.96 kiddy3233655.ru. 43200 IN A 204.46.43.97 kiddy3233655.ru. 43200 IN A 204.46.43.98 kiddy3233655.ru. 43200 IN A 204.46.43.99 kiddy3233655.ru. 43200 IN A 204.46.43.100 kiddy3233655.ru. 43200 IN A 204.46.43.101 kiddy3233655.ru. 43200 IN A 204.46.43.102 kiddy3233655.ru. 43200 IN A 204.46.43.103 kiddy3233655.ru. 43200 IN A 204.46.43.104 kiddy3233655.ru. 43200 IN A 204.46.43.105 kiddy3233655.ru. 43200 IN A 204.46.43.106 kiddy3233655.ru. 43200 IN A 204.46.43.107 kiddy3233655.ru. 43200 IN A 204.46.43.108 kiddy3233655.ru. 43200 IN A 204.46.43.109 kiddy3233655.ru. 43200 IN A 204.46.43.110 kiddy3233655.ru. 43200 IN A 204.46.43.111 kiddy3233655.ru. 43200 IN A 204.46.43.112 kiddy3233655.ru. 43200 IN A 204.46.43.113 kiddy3233655.ru. 43200 IN A 204.46.43.114 kiddy3233655.ru. 43200 IN A 204.46.43.115 kiddy3233655.ru. 43200 IN A 204.46.43.116 kiddy3233655.ru. 43200 IN A 204.46.43.117 kiddy3233655.ru. 43200 IN A 204.46.43.118 kiddy3233655.ru. 43200 IN A 204.46.43.119 kiddy3233655.ru. 43200 IN A 204.46.43.120 kiddy3233655.ru. 43200 IN A 204.46.43.121 kiddy3233655.ru. 43200 IN A 204.46.43.122 kiddy3233655.ru. 43200 IN A 204.46.43.123 kiddy3233655.ru. 43200 IN A 204.46.43.124 kiddy3233655.ru. 43200 IN A 204.46.43.125 kiddy3233655.ru. 43200 IN A 204.46.43.126 kiddy3233655.ru. 43200 IN A 204.46.43.127 kiddy3233655.ru. 43200 IN A 204.46.43.128 kiddy3233655.ru. 43200 IN A 204.46.43.129 kiddy3233655.ru. 43200 IN A 204.46.43.130 kiddy3233655.ru. 43200 IN A 204.46.43.131 kiddy3233655.ru. 43200 IN A 204.46.43.132 kiddy3233655.ru. 43200 IN A 204.46.43.133 kiddy3233655.ru. 43200 IN A 204.46.43.134 kiddy3233655.ru. 43200 IN A 204.46.43.135 kiddy3233655.ru. 43200 IN A 204.46.43.136 kiddy3233655.ru. 43200 IN A 204.46.43.137 kiddy3233655.ru. 43200 IN A 204.46.43.138 kiddy3233655.ru. 43200 IN A 204.46.43.139 kiddy3233655.ru. 43200 IN A 204.46.43.140 kiddy3233655.ru. 43200 IN A 204.46.43.141 kiddy3233655.ru. 43200 IN A 204.46.43.142 kiddy3233655.ru. 43200 IN A 204.46.43.143 kiddy3233655.ru. 43200 IN A 204.46.43.144 kiddy3233655.ru. 43200 IN A 204.46.43.145 kiddy3233655.ru. 43200 IN A 204.46.43.146 kiddy3233655.ru. 43200 IN A 204.46.43.147 kiddy3233655.ru. 43200 IN A 204.46.43.148 kiddy3233655.ru. 43200 IN A 204.46.43.149 kiddy3233655.ru. 43200 IN A 204.46.43.150 kiddy3233655.ru. 43200 IN A 204.46.43.151 kiddy3233655.ru. 43200 IN A 204.46.43.152 kiddy3233655.ru. 43200 IN A 204.46.43.153 kiddy3233655.ru. 43200 IN A 204.46.43.154 kiddy3233655.ru. 43200 IN A 204.46.43.155 kiddy3233655.ru. 43200 IN A 204.46.43.156 kiddy3233655.ru. 43200 IN A 204.46.43.157 kiddy3233655.ru. 43200 IN A 204.46.43.158 kiddy3233655.ru. 43200 IN A 204.46.43.159 kiddy3233655.ru. 43200 IN A 204.46.43.160 kiddy3233655.ru. 43200 IN A 204.46.43.161 kiddy3233655.ru. 43200 IN A 204.46.43.162 kiddy3233655.ru. 43200 IN A 204.46.43.163 kiddy3233655.ru. 43200 IN A 204.46.43.164 kiddy3233655.ru. 43200 IN A 204.46.43.165 kiddy3233655.ru. 43200 IN A 204.46.43.166 kiddy3233655.ru. 43200 IN A 204.46.43.167 kiddy3233655.ru. 43200 IN A 204.46.43.168 kiddy3233655.ru. 43200 IN A 204.46.43.169 kiddy3233655.ru. 43200 IN A 204.46.43.170 kiddy3233655.ru. 43200 IN A 204.46.43.171 kiddy3233655.ru. 43200 IN A 204.46.43.172 kiddy3233655.ru. 43200 IN A 204.46.43.173 kiddy3233655.ru. 43200 IN A 204.46.43.174 kiddy3233655.ru. 43200 IN A 204.46.43.175 kiddy3233655.ru. 43200 IN A 204.46.43.176 kiddy3233655.ru. 43200 IN A 204.46.43.177 kiddy3233655.ru. 43200 IN A 204.46.43.178 kiddy3233655.ru. 43200 IN A 204.46.43.179 kiddy3233655.ru. 43200 IN A 204.46.43.180 kiddy3233655.ru. 43200 IN A 204.46.43.181 kiddy3233655.ru. 43200 IN A 204.46.43.182 kiddy3233655.ru. 43200 IN A 204.46.43.183 kiddy3233655.ru. 43200 IN A 204.46.43.184 kiddy3233655.ru. 43200 IN A 204.46.43.185 kiddy3233655.ru. 43200 IN A 204.46.43.186 kiddy3233655.ru. 43200 IN A 204.46.43.187 kiddy3233655.ru. 43200 IN A 204.46.43.188 kiddy3233655.ru. 43200 IN A 204.46.43.189 kiddy3233655.ru. 43200 IN A 204.46.43.190 kiddy3233655.ru. 43200 IN A 204.46.43.191 kiddy3233655.ru. 43200 IN A 204.46.43.192 kiddy3233655.ru. 43200 IN A 204.46.43.193 kiddy3233655.ru. 43200 IN A 204.46.43.194 kiddy3233655.ru. 43200 IN A 204.46.43.195 kiddy3233655.ru. 43200 IN A 204.46.43.196 kiddy3233655.ru. 43200 IN A 204.46.43.197 kiddy3233655.ru. 43200 IN A 204.46.43.198 kiddy3233655.ru. 43200 IN A 204.46.43.199 kiddy3233655.ru. 43200 IN A 204.46.43.200 kiddy3233655.ru. 43200 IN A 204.46.43.201 kiddy3233655.ru. 43200 IN A 204.46.43.202 kiddy3233655.ru. 43200 IN A 204.46.43.203 kiddy3233655.ru. 43200 IN A 204.46.43.204 kiddy3233655.ru. 43200 IN A 204.46.43.205 kiddy3233655.ru. 43200 IN A 204.46.43.206 kiddy3233655.ru. 43200 IN A 204.46.43.207 kiddy3233655.ru. 43200 IN A 204.46.43.208 kiddy3233655.ru. 43200 IN A 204.46.43.209 kiddy3233655.ru. 43200 IN A 204.46.43.210 kiddy3233655.ru. 43200 IN A 204.46.43.211 kiddy3233655.ru. 43200 IN A 204.46.43.212 kiddy3233655.ru. 43200 IN A 204.46.43.213 kiddy3233655.ru. 43200 IN A 204.46.43.214 kiddy3233655.ru. 43200 IN A 204.46.43.215 kiddy3233655.ru. 43200 IN A 204.46.43.216 kiddy3233655.ru. 43200 IN A 204.46.43.217 kiddy3233655.ru. 43200 IN A 204.46.43.218 kiddy3233655.ru. 43200 IN A 204.46.43.219 kiddy3233655.ru. 43200 IN A 204.46.43.220 kiddy3233655.ru. 43200 IN A 204.46.43.221 kiddy3233655.ru. 43200 IN A 204.46.43.222 kiddy3233655.ru. 43200 IN A 204.46.43.223 kiddy3233655.ru. 43200 IN A 204.46.43.224 kiddy3233655.ru. 43200 IN A 204.46.43.225 kiddy3233655.ru. 43200 IN A 204.46.43.226 kiddy3233655.ru. 43200 IN A 204.46.43.227 kiddy3233655.ru. 43200 IN A 204.46.43.228 kiddy3233655.ru. 43200 IN A 204.46.43.229 kiddy3233655.ru. 43200 IN A 204.46.43.230 kiddy3233655.ru. 43200 IN A 204.46.43.231 kiddy3233655.ru. 43200 IN A 204.46.43.232 kiddy3233655.ru. 43200 IN A 204.46.43.233 kiddy3233655.ru. 43200 IN A 204.46.43.234 kiddy3233655.ru. 43200 IN A 204.46.43.235 kiddy3233655.ru. 43200 IN A 204.46.43.236 kiddy3233655.ru. 43200 IN A 204.46.43.237 kiddy3233655.ru. 43200 IN A 204.46.43.238 kiddy3233655.ru. 43200 IN A 204.46.43.239 kiddy3233655.ru. 43200 IN A 204.46.43.240 kiddy3233655.ru. 43200 IN A 204.46.43.241 kiddy3233655.ru. 43200 IN A 204.46.43.242 kiddy3233655.ru. 43200 IN A 204.46.43.243 kiddy3233655.ru. 43200 IN A 204.46.43.244 kiddy3233655.ru. 43200 IN NS ns1.reg.ru. kiddy3233655.ru. 43200 IN NS ns2.reg.ru. kiddy3233655.ru. 43200 IN SOA ns1.reg.ru. hostmaster.ns1.reg.ru. 1378751646 14400 3600 604800 21600 ;; Query time: 12 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Oct 7 14:00:51 2013 ;; MSG SIZE rcvd: 3944
$ whois 31.31.204.25 # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # # # Query terms are ambiguous. The query is assumed to be: # "n 31.31.204.25" # # Use "?" to get help. # # # The following results may also be obtained via: # http://whois.arin.net/rest/nets;q=31.31.204.25?showDetails=true&showARIN=false&ext=netref2 # NetRange: 31.0.0.0 - 31.255.255.255 CIDR: 31.0.0.0/8 OriginAS: NetName: RIPE-31 NetHandle: NET-31-0-0-0-1 Parent: NetType: Allocated to RIPE NCC Comment: These addresses have been further assigned to users in Comment: the RIPE NCC region. Contact information can be found in Comment: the RIPE database at http://www.ripe.net/whois RegDate: Updated: 2010-05-18 Ref: http://whois.arin.net/rest/net/NET-31-0-0-0-1 OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: http://whois.arin.net/rest/org/RIPE ReferralServer: whois://whois.ripe.net:43 OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: hostmaster@ripe.net OrgTechRef: http://whois.arin.net/rest/poc/RNO29-ARIN OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: abuse@ripe.net OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE3850-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '31.31.204.0 - 31.31.205.255' % Abuse contact for '31.31.204.0 - 31.31.205.255' is 'abuse@reg.ru' inetnum: 31.31.204.0 - 31.31.205.255 netname: REGRU-NETWORK descr: Reg.Ru country: RU admin-c: RGRU-RIPE tech-c: RGRU-RIPE status: ASSIGNED PA mnt-by: REGRU-MNT mnt-routes: DN-MNT remarks: INFRA-AW source: RIPE # Filtered role: Reg.Ru Network Operations address: Russia, Moscow, Vassily Petushkova st., house 3, Office 326 remarks: NOC e-mail: noc@reg.ru remarks: User support: support@reg.ru remarks: SPAM reports: abuse@reg.ru phone: +7 (495) 580-11-11 fax-no: +7 (495) 491-55-53 admin-c: ARP-RIPE tech-c: ARP-RIPE nic-hdl: RGRU-RIPE mnt-by: REGRU-MNT abuse-mailbox: abuse@reg.ru source: RIPE # Filtered % Information related to '31.31.204.0/24AS12695' route: 31.31.204.0/24 descr: Reg.Ru origin: AS12695 mnt-by: DN-MNT source: RIPE # Filtered % This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)
