What is (5)debug(7)opendns(3)com(0)

Follow
Avatar
jwilson2791

We are looking for instances of coinhive and attempting to determine which sites are using coinhive in the course of looking for these sites we found these requests.  Can you explain what debug is for?  

 

1/18/2018 4:11:25 AM 13BC PACKET  000000F10BCB24F0 UDP Rcv **.**.**.**   baad   Q [0001   D   NOERROR] TXT    (5)debug(7)opendns(3)com(0)

0

Comments

1 comment

Sort by Date Votes
  • Avatar
    rotblitz (Edited )

    What tool did you use to capture this information?

    It looks like a packet from a DNS response to the following DNS query:

    dig debug.opendns.com. txt
       - or -
    nslookup -type=txt debug.opendns.com.

    To answer your question: 
    The domain debug.opendns.com is being used for diagnostic purposes in case something OpenDNS related doesn't work for a user.

    "attempting to determine which sites are using coinhive"

    Isn't this Coinhive JavaScript based?  Then your approach to research this through DNS is wrong.  You must analyze your web traffic, not your DNS traffic.

    0
    Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post