Author Topic: 2 unknown ip networks in my Dome Shield DNS + high log amount  (Read 867 times)

Offline BlueTesta

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 468
Saw some strange things inside my Comodo dome shield website.

They are not added to my networks menu inside Comodo dome shield config
and they have a high usage traffic.

Country:   Pakistan
https://whatismyipaddress.com/ip/203.80.128.99
203.80.128.99

Country:   Pakistan
https://whatismyipaddress.com/ip/121.52.154.231
121.52.154.231


pictures
https://imgur.com/a/OYF85
https://imgur.com/a/kxiii
https://imgur.com/a/pzyIe

It looks like some one else account dns usage show up in my DNS, in that case, mine could show up at someone else Logs.

have changed my dns to google for now, on my phone.


Edit: it have contiued even after yesterday.
It stopped today at  2018-03-17 06:00

Edit 2: im home now 2018-03-17 16:00 and the usage now looks normal, no unknown ip addresses show up in the current log.

Edit 3: The last time i saw other networks in the log, (not added by me) Was at 2018-03-17 07:00.
No unknown network DNS activity show up after that.

Edit 4: the 2 unknown networks show up from 2018-03-15 16:00  to  2018-03-17 06:00.
« Last Edit: March 20, 2018, 02:18:21 PM by BlueTesta »
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid."

Offline bulut

  • Moderator
  • Comodo Family Member
  • *****
  • Posts: 55
Re: 2 unknown ip networks in my Dome Shield DNS + high log amount
« Reply #1 on: March 19, 2018, 08:26:39 AM »
Saw some strange things inside my Comodo dome shield website.

They are not added to my networks menu inside Comodo dome shield config
and they have a high usage traffic.

Country:   Pakistan
https://whatismyipaddress.com/ip/203.80.128.99
203.80.128.99

Country:   Pakistan
https://whatismyipaddress.com/ip/121.52.154.231
121.52.154.231


pictures
https://imgur.com/a/OYF85
https://imgur.com/a/kxiii

It looks like some one else account dns usage show up in my DNS, in that case, mine could show up at someone else Logs.

have changed my dns to google for now, on my phone.


Edit: it have contiued even after yesterday.
It stopped today at  2018-03-17 06:00

Edit 2: im home now 2018-03-17 16:00 and the usage now looks normal, no unknown ip addresses show up in the current log.

Edit 3: The last time i saw other networks in the log, (not added by me) Was at 2018-03-17 07:00.
No unknown network DNS activity show up after that.

hi BlueTesta,

We are investigating your account as we speak to understand the cause of the issue mentioned.

But, just to make sure, those IPs doesn't appear anymore right ?

Offline BlueTesta

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 468
Re: 2 unknown ip networks in my Dome Shield DNS + high log amount
« Reply #2 on: March 19, 2018, 12:19:04 PM »
Not after 2018-03-17 07:00,  i will check again when i get home today.
Edit: the 2 unknown networks show up from 2018-03-15 16:00  to  2018-03-17 06:00.
« Last Edit: March 19, 2018, 01:46:50 PM by BlueTesta »
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid."

Offline BlueTesta

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 468
Re: 2 unknown ip networks in my Dome Shield DNS + high log amount
« Reply #3 on: April 09, 2018, 04:40:31 PM »
any news?
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid."

Offline BlueTesta

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 468
Re: 2 unknown ip networks in my Dome Shield DNS + high log amount
« Reply #4 on: May 27, 2018, 05:32:11 AM »
Any progress?
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid."

Offline nevzathuruzoglu

  • Newbie
  • *
  • Posts: 6
Re: 2 unknown ip networks in my Dome Shield DNS + high log amount
« Reply #5 on: June 13, 2018, 04:43:36 AM »
Hi BlueTesta,

The team did not detect any abnormality in your logs for the past couple of weeks and verified that the IPs you have in your account did not report to anywhere else. You can change your DNS back to Shield, if you would like to.

We will still be keeping an eye on your account if/when you set your DNS to Shield.


Offline BlueTesta

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 468
Re: 2 unknown ip networks in my Dome Shield DNS + high log amount
« Reply #6 on: June 13, 2018, 02:16:29 PM »
Hi BlueTesta,

The team did not detect any abnormality in your logs for the past couple of weeks and verified that the IPs you have in your account did not report to anywhere else. You can change your DNS back to Shield, if you would like to.

We will still be keeping an eye on your account if/when you set your DNS to Shield.

Any guess why 2 networks showed up in the log suddenly? since they wasent added to the Networks Tab.
2018-03-15 16:00  to  2018-03-17 06:00

Thanks, unfortunately im running DNS over TLS now with Quad9 and cloudflare on my pfsense box,
if it will be supported in the future then i will be back  :)
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid."

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek