What tools are being used to monitor?
Unusual DNS queries
Does anyone have any idea why a DNS server would generate unusual DNS queries to what appears to be a malicious C&C site? AV scans don't seem to find a root cause of any kind.
3 answers
Thameur-BOURBITA 36,261 Reputation points Moderator
2020-08-26T22:45:48.007+00:00 Hi,
You can launch a network capture to check and get more details about the source of those queries.
Don't forget to mark this reply as the answer if it helps you to fix your issue.
-
Anonymous
2020-08-27T10:25:35.857+00:00 Hi,
Thanks for posting on the Q&A platform.
Regarding your issue, I would like to suggest that you download Network Monitor to collect network traces in order to identify the source of the DNS requests.
Please download “Network Monitor” from the link below:
https://www.microsoft.com/en-sg/download/details.aspx?id=4865
And here is a related thread for your reference:
https://community.checkpoint.com/t5/IPS-Anti-Virus-Anti-Bot-Anti/DNS-trap-bogus-IP/td-p/16753
Please Note: Since the websites are not hosted by Microsoft, the links may change without notice. Microsoft does not guarantee the accuracy of this information.
Hope my answer will help you!
---Please Accept as answer if the reply is helpful---
Best Regards,
Sunny
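Added example (not part of the original answers): once a capture has been taken as suggested above, the sketch below attributes lookups for a flagged name to the clients that sent them to the DNS server. It assumes the server resolves names on behalf of clients and that the capture has been exported as (source IP, destination IP, DNS payload) tuples; the addresses, the domain `suspect.example` and all function names are constructed for illustration.

```python
import struct
from collections import Counter

def build_query(name, txid):
    """Build a minimal DNS A query payload (only used to construct sample data)."""
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + b"\x00" + struct.pack("!HH", 1, 1)

def parse_question(payload):
    """Return (is_query, qname) for the first question of a DNS payload."""
    if len(payload) < 12 or payload[4:6] == b"\x00\x00":
        raise ValueError("no DNS question")
    flags = struct.unpack("!H", payload[2:4])[0]
    labels, pos = [], 12
    while pos < len(payload) and payload[pos] != 0:
        length = payload[pos]
        if length & 0xC0 or pos + 1 + length > len(payload):
            raise ValueError("bad label")
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length
    if pos >= len(payload):
        raise ValueError("truncated name")
    return not (flags & 0x8000), ".".join(labels).lower()

def attribute_queries(packets, dns_server_ip, suspect_domain):
    """Return (per-client counts of queries to the server, upstream queries sent by the server)."""
    suspect = suspect_domain.lower().rstrip(".")
    clients, forwarded = Counter(), 0
    for src, dst, payload in packets:
        try:
            is_query, name = parse_question(payload)
        except ValueError:
            continue  # not parseable as DNS, skip
        if not is_query or not (name == suspect or name.endswith("." + suspect)):
            continue
        if dst == dns_server_ip:
            clients[src] += 1      # a client asked the server for the flagged name
        elif src == dns_server_ip:
            forwarded += 1         # the server asked upstream for the flagged name
    return clients, forwarded

# Constructed sample: (source IP, destination IP, DNS payload) as exported from a capture.
SERVER = "10.0.0.10"
SAMPLE = [
    ("10.0.0.57", SERVER, build_query("c2.suspect.example", 0x1111)),
    (SERVER, "198.51.100.53", build_query("c2.suspect.example", 0xA001)),
    ("10.0.0.21", SERVER, build_query("www.example.org", 0x2222)),
    ("10.0.0.21", SERVER, b"\x00\x01"),  # malformed payload, ignored
]
print(attribute_queries(SAMPLE, SERVER, "suspect.example"))
```

If the per-client counter stays empty in a complete capture while the server still sends upstream queries for the name, the lookup originates on the DNS server itself.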