All,
I've recently sent emails to a few gateway operators regarding non-stop traffic to the
DNS server dns-mdc[dot]ampr[dot]org. The clients make A and AAAA queries for the same
domain at a rate that's highly unlikely to be legitimate software.
I first noticed this on another IP. In that instance, the client continued to query the
server despite being rejected.
Perhaps the operators can share more information or insight on what they discover as they
have time to work out the issue. For others, be mindful, remember to firewall and use good
Internet hygiene.
73,
LynwoodKB3VWG