Most IDS systems have logs that you could search through and find the look up … should give you a clue … is that what you’re asking?
> On Oct 28, 2016, at 7:28 PM, David Milholen <dmilho...@wletc.com> wrote: > > Ok, > I have some happy IDS components that seem to stopping google dns from > completing a lookup to our website. > How can I find out what ips are being blocked from making the trip? > I am not sure a traceroute is going to do it. I dont have an issue getting > to google. > google-dns is having an issue finding our dns. > > This is what I get with the commands I run > nslookup wletc.com 8.8.8.8 > Server: 8.8.8.8 > Address: 8.8.8.8#53 > > ** server can't find wletc.com: SERVFAIL > > When I disable the firewall rule that drops the bad IPs this is what I get. > nslookup wletc.com 8.8.8.8 > Server: 8.8.8.8 > Address: 8.8.8.8#53 > > Non-authoritative answer: > Name: wletc.com > Address: 162.212.24.50 > > What ip addresses are causing the lookup to fail?? > > -- > <Mail Attachment.jpeg>
