'ipconfig /displaydns' display over 200 DNS unrecognized, should we worry

We are having a problem with a connection and came upon recommended task where we were instructed to run the line "ipconfig /displaydns".   This displayed a series of sites unrecognized to us.

The result showed over 200 DNS and with the list actual sites and IPs.  The sites are in line "Record Name . . . . . :" and "CNAME Record  . . . . : ", the IPs are in line "A (Host) Record . . . :".

For example:
    in.greta.io
    ----------------------------------------
    Record Name . . . . . : in.greta.io
    Record Type . . . . . : 1
    Time To Live  . . . . : 41482
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 35.186.212.13

Open in new window


and
    p2-eiiarhhxducde-vnxdzw56kwg3gh6t-299593-i1.stbcast3-stb.metric.gstatic.com
    ----------------------------------------
    Record Name . . . . . : p2-eiiarhhxducde-vnxdzw56kwg3gh6t-299593-i1.stbcast3-stb.metric.gstatic.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 79151
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 216.239.32.62

Open in new window


So we wanted to know,
  • what is causing this?
  • should we worry?
  • what should we do?
LVL 1
janaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Well all this is revealing what the websites are pulling from in the background. Web pages apps, and Windows are all making calls to different resources over the Internet. The DNS lookups are all cached on your computer.

As an example, this Experts Exchange page here is pulling from the following domains when looking at the stats in my browser:
www.experts-exchange.com
cdn.experts-exchange.com
expertsexchange.112.2o7.net
filedb.experts-exchange.com

And I'm using uBlock Origin so this is going to be greatly reduced.
KimputerIT ManagerCommented:
Even during the most simple browsing session, your browser fires away countless of cloud based services (be it Google, ad services or content delivery networks). In your case, those are still normal requests you make on a more busy website (news outlet or such).
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Bottom line is this is normal.
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

janaAuthor Commented:
Understood and gives a relief.  

However, if we were check them out, recommended steps you guys recommend?
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
What do you mean "check them out"?
KimputerIT ManagerCommented:
Would require extreme knowledge of all hosts. I know in.greta.io is checking for CDN, while gstatic is Google owned. For you to do that, takes you a lot of time to find out, making it a 24/7 job to keep up with all the hostnames used every day.
You could use some algorithm to lessen the load as times go by (slowly whitelisting the known ones), but still requires a lot of time.
janaAuthor Commented:
I  got it, you mean check every site and google them one by one (yes, painstaking)
KimputerIT ManagerCommented:
Some are not revealed by a simple google query, and needs quite a bit more research.
janaAuthor Commented:
Ok, prior closing the question, can you suggest some of "bit more research"? (just a little to direct us the right way)
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
It depends on what kind of research you want to do. If you are just concerned about browser activity then something like Privacy Badger (from the EFF https://www.eff.org/privacybadger) or uBlock Origin can do logging and blocking and show you a lot of resources that are being pulled from. You can also hit F12 when in your browser and you can explore all the elements.

More in depth would be to use wireshark on your computer and filter by DNS...

But if you're looking for general security knowledge then I have to say that the landscape is always changing. Following blogs or podcasts is how I keep up with it.... as best I can.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
janaAuthor Commented:
Thanx!!!
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Glad to help. :)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.