My Wireshark displays this not previously seen occurrence, occurring as i speak:
1 0.000000 64.40.54.205 64.40.40.51 DNS Standard query PTR 66.72.205.209.in-addr.arpa
2 0.121094 64.40.40.51 64.40.54.205 DNS Standard query response PTR zz20920572066.clear-ddos.com
3 0.246094 64.40.54.205 64.40.40.51 DNS Standard query PTR 56.72.205.209.in-addr.arpa
4 0.367188 64.40.40.51 64.40.54.205 DNS Standard query response PTR zz20920572056.clear-ddos.com
5 0.996094 64.40.54.205 64.40.40.51 DNS Standard query PTR 56.72.205.209.in-addr.arpa
6 1.117188 64.40.40.51 64.40.54.205 DNS Standard query response PTR zz20920572056.clear-ddos.com
7 1.710938 64.40.54.205 64.40.40.51 DNS Standard query PTR 66.72.205.209.in-addr.arpa
8 1.832032 64.40.40.51 64.40.54.205 DNS Standard query response PTR zz20920572066.clear-ddos.com
9 2.373047 64.40.54.205 64.40.40.51 DNS Standard query PTR 66.72.205.209.in-addr.arpa
10 2.488282 64.40.40.51 64.40.54.205 DNS Standard query response PTR zz20920572066.clear-ddos.com
and so on… endlessly
clear-ddos.com’s main page claims they are a ddos protection service.
it appears the original query comes from me. Am i attacking them, are they attacking me? is this a trojan? the instant i redial, get a new ip it begins again? what should i do to stop this process?
i think those are all the noob questions i can think of. Feel free to answer any i have missed.
Umm dialup XP sp1, nothing exotic.
Drop any knowledge you can please.