Openstack VM (Red Hat as well) is sending strange DNS queries.
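There are strange DNS queries, and I can't find why, or which process, is asking for such a thing.
By strange I mean the requests for "-P". The system seems to have some kind of ghost "feature" that sends "-P" requests.
I checked /var/log/messages and all the other logs, but found nothing.
They look like this: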
750 4.880197 172.34.167.129 172.34.167.193 DNS 64 Standard query 0xa6d9 A -P
751 4.880228 172.34.167.129 172.34.167.193 DNS 64 Standard query 0xcf06 AAAA -P
752 4.882101 172.34.167.193 172.34.167.129 DNS 64 Standard query response 0xa6d9 Refused A -P
753 4.882122 172.34.167.193 172.34.167.129 DNS 64 Standard query response 0xcf06 Refused AAAA -P
Details:
No. Time Source Destination Protocol Length Info
750 4.880197 172.34.167.129 172.34.167.193 DNS 64 Standard query 0xa6d9 A -P
Frame 750: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Linux cooked capture
Internet Protocol Version 4, Src: 172.34.167.129, Dst: 172.34.167.193
User Datagram Protocol, Src Port: 27798, Dst Port: 53
Domain Name System (query)
[Response In: 752]
Transaction ID: 0xa6d9
Flags: 0x0100 Standard query
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
-P: type A, class IN
Name: -P
[Name Length: 2]
[Label Count: 1]
Type: A (Host Address) (1)
Class: IN (0x0001)
No. Time Source Destination Protocol Length Info
751 4.880228 172.34.167.129 172.34.167.193 DNS 64 Standard query 0xcf06 AAAA -P
Frame 751: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Linux cooked capture
Internet Protocol Version 4, Src: 172.34.167.129, Dst: 172.34.167.193
User Datagram Protocol, Src Port: 27798, Dst Port: 53
Domain Name System (query)
[Response In: 753]
Transaction ID: 0xcf06
Flags: 0x0100 Standard query
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
-P: type AAAA, class IN
Name: -P
[Name Length: 2]
[Label Count: 1]
Type: AAAA (IPv6 Address) (28)
Class: IN (0x0001)
No. Time Source Destination Protocol Length Info
752 4.882101 172.34.167.193 172.34.167.129 DNS 64 Standard query response 0xa6d9 Refused A -P
Frame 752: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Linux cooked capture
Internet Protocol Version 4, Src: 172.34.167.193, Dst: 172.34.167.129
User Datagram Protocol, Src Port: 53, Dst Port: 27798
Domain Name System (response)
[Request In: 750]
[Time: 0.001904000 seconds]
Transaction ID: 0xa6d9
Flags: 0x8105 Standard query response, Refused
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
-P: type A, class IN
Name: -P
[Name Length: 2]
[Label Count: 1]
Type: A (Host Address) (1)
Class: IN (0x0001)
No. Time Source Destination Protocol Length Info
753 4.882122 172.34.167.193 172.34.167.129 DNS 64 Standard query response 0xcf06 Refused AAAA -P
Frame 753: 64 bytes on wire (512 bits), 64 bytes captured (512 bits)
Linux cooked capture
Internet Protocol Version 4, Src: 172.34.167.193, Dst: 172.34.167.129
User Datagram Protocol, Src Port: 53, Dst Port: 27798
Domain Name System (response)
[Request In: 751]
[Time: 0.001894000 seconds]
Transaction ID: 0xcf06
Flags: 0x8105 Standard query response, Refused
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
-P: type AAAA, class IN
Name: -P
[Name Length: 2]
[Label Count: 1]
Type: AAAA (IPv6 Address) (28)
Class: IN (0x0001)
Answer 1
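I assume this is the result of a simple misconfiguration where a hostname variable was expected but is missing, and the next command-line option, -P, gets interpreted as the hostname parameter.
Something like: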
HOST=""
PORT=""
/path/to/command $OTHER_ARGS -H $HOST -P $PORT
With the empty and missing variables, that results in:
/path/to/command -H -P
Finding the application may be as simple, or as difficult, as looking for an application that supports the -P command-line switch (and that is not running correctly)
...
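The failure mode the answer describes, reproduced as an added example (not part of the original answer, and not the code of whatever program sent the queries). `parse_target` is a hypothetical getopts-based stand-in for the unknown program, and `db.example.test` and port `5432` are constructed sample values.

```shell
#!/bin/sh
# Hypothetical stand-in for the unknown program: parses -H <host> -P <port>
# the way getopts-based tools do and reports the name it would try to resolve.
parse_target() {
    OPTIND=1
    host="" port=""
    while getopts "H:P:" opt "$@"; do
        case "$opt" in
            H) host=$OPTARG ;;
            P) port=$OPTARG ;;
            *) return 2 ;;
        esac
    done
    printf 'host=%s port=%s\n' "$host" "$port"
}

# The pattern from the answer: an empty, unquoted variable disappears during
# word splitting, so the parser receives "-H -P" and takes "-P" as the host.
launch_unquoted() {
    HOST=$1 PORT=$2
    parse_target -H $HOST -P $PORT
}

# Checked launcher: refuse to start on an empty value and quote each expansion,
# so a missing setting fails loudly instead of becoming a DNS lookup for "-P".
launch_checked() {
    HOST=$1 PORT=$2
    if [ -z "$HOST" ] || [ -z "$PORT" ]; then
        echo "refusing to start: HOST or PORT is empty" >&2
        return 1
    fi
    parse_target -H "$HOST" -P "$PORT"
}

# Constructed sample runs.
launch_unquoted "" ""                      # host=-P port=
launch_unquoted "db.example.test" "5432"   # host=db.example.test port=5432
launch_checked "" "" || echo "launch_checked rejected the empty configuration"
```

To find the real caller, search startup scripts and unit files for unquoted expansions placed directly after a host option.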