PDA

View Full Version : Reverse DNS authenticity?



tben1111
11-30-2008, 08:03 PM
Reverse DNS authenticity: [Could be forged: hostname home-*2*58*.b.astral.ro. does not exist]
I was looking into some info on a ip address and I recieved the above info message.
Can some clarify what it would mean, I am new to this.

Thanks

gordo
11-30-2008, 08:55 PM
All google brought me to your other post at spybot forums. However, http://astral.ro/ brought me to a Romanian hosting/etc site. Any particular reason you are investigating?

tben1111
12-01-2008, 04:39 PM
I looked into it but looks like a fake address. Is this what it is being as it is forged? I am new to this but would like to learn about what comes into my comp. Perhaps I should block it?
Thanks

gordo
12-01-2008, 05:52 PM
If you don't know what it is, block it. How are you finding it? Through the firewall logs? Is it connecting to a port? You may be part of a botnet.

Ezekiel
12-09-2008, 03:54 PM
Delete all your trusted programs from your firewall, then allow each one individually when they try to communicate. You should be able to find out if you're running any malware, if that's what you're worried about.

You don't need to worry about incoming connections as long as your ports are being monitored and you have no server apps running. Might want to self-scan your ports for this.

Ezekiel
12-30-2008, 07:08 AM
Reverse DNS authenticity: [Could be forged: hostname home-*2*58*.b.astral.ro. does not exist]
I was looking into some info on a ip address and I recieved the above info message.
Can some clarify what it would mean, I am new to this.

Thanks

I think it means that hostname was used by a home user in Romania, but they have now switched dynamic IP address (turned the router off/on, etc.).