Who is

Martin Gregorie

unread,

Feb 18, 2021, 9:02:52 AM2/18/21

to

In the last few days I started to get reports from named about missing
expected cookies from dynect.net. Here's the logwatch entry:

--------------------- Named Begin ------------------------

**Unmatched Entries**
missing expected cookie from 204.13.250.1#53: 6 Time(s)
missing expected cookie from 204.13.250.136#53: 20 Time(s)
missing expected cookie from 204.13.250.34#53: 1 Time(s)
missing expected cookie from 204.13.251.1#53: 10 Time(s)
missing expected cookie from 204.13.251.136#53: 15 Time(s)
missing expected cookie from 204.13.251.34#53: 13 Time(s)
missing expected cookie from 208.78.70.1#53: 1 Time(s)
missing expected cookie from 208.78.70.27#53: 1 Time(s)
missing expected cookie from 208.78.71.1#53: 6 Time(s)
missing expected cookie from 208.78.71.136#53: 15 Time(s)
missing expected cookie from 208.78.71.27#53: 2 Time(s)
missing expected cookie from 208.78.71.34#53: 13 Time(s)

---------------------- Named End -------------------------

So, who is dynect.net, what does it do, and why might named complain
about cookies that it should have sent but didn't?

I pointed lynx at it, didn't accept cookies (my standard way of finding
out a bit more about possibly dodgy websites , and didn't learn much more
because it has an uninformative front page and no 'About' page. About all
I can find out is that whois says it belongs to Oracle - so not a good
advert for them!

Hopefully somebody on this ng will know why this stuff has suddenly
appeared in my logwatch reports and if its possible to make it disappear
again.

--
Martin | martin at
Gregorie | gregorie dot org

Andy Burns

unread,

Feb 18, 2021, 9:31:39 AM2/18/21

to

Martin Gregorie wrote:

> So, who is dynect.net, what does it do, and why might named complain
> about cookies that it should have sent but didn't?
>
> I pointed lynx at it, didn't accept cookies

not http cookies

> Hopefully somebody on this ng will know why this stuff has suddenly
> appeared in my logwatch reports and if its possible to make it disappear
> again.

Somebody spoofing? And being found out because you'd previously had a
DNS cookie from dynect and the spoofed packets have been "caught out"
because they don't include the cookie?

Martin Gregorie

unread,

Feb 18, 2021, 1:12:27 PM2/18/21

to

OK, thanks. But who and what is dynext.net ?

Martin Gregorie

unread,

Feb 18, 2021, 1:14:00 PM2/18/21

to

s/dynext.net/dynect.net/

Martin Gregorie

unread,

Feb 18, 2021, 1:26:01 PM2/18/21

to

OK - found this: https://en.wikipedia.org/wiki/Dyn_(company)

So, it looks like its now pretty much abandonware and the noise in
logwatch is either due to the doors of unoccupied digital houses banging
in the wind or the sound of blackhats tripping over furniture in darkened
basements.

FP

unread,

Feb 19, 2021, 3:57:52 AM2/19/21

to

That wikipedia page says it's related to DynDNS. That's still going, or
at least they sent me a reminder recently that they were going to take a
subscription off my credit card... which has expired, so thanks for the
reminder!

Frank

Martin Gregorie

unread,

Feb 19, 2021, 7:57:47 AM2/19/21

to

Thanks for confirming that they are alive and well. Report sent to them.