'ipconfig /displaydns' display over 200 DNS unrecognized, should we worry

We are having a problem with a connection and came upon recommended task where we were instructed to run the line "ipconfig /displaydns".   This displayed a series of sites unrecognized to us.

The result showed over 200 DNS and with the list actual sites and IPs.  The sites are in line "Record Name . . . . . :" and "CNAME Record  . . . . : ", the IPs are in line "A (Host) Record . . . :".

For example:
    in.greta.io
    ----------------------------------------
    Record Name . . . . . : in.greta.io
    Record Type . . . . . : 1
    Time To Live  . . . . : 41482
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 35.186.212.13

Open in new window


and 
    p2-eiiarhhxducde-vnxdzw56kwg3gh6t-299593-i1.stbcast3-stb.metric.gstatic.com
    ----------------------------------------
    Record Name . . . . . : p2-eiiarhhxducde-vnxdzw56kwg3gh6t-299593-i1.stbcast3-stb.metric.gstatic.com
    Record Type . . . . . : 1
    Time To Live  . . . . : 79151
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 216.239.32.62

Open in new window


So we wanted to know,
  • what is causing this?
  • should we worry?
  • what should we do?
rayluvsAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Well all this is revealing what the websites are pulling from in the background. Web pages apps, and Windows are all making calls to different resources over the Internet. The DNS lookups are all cached on your computer.

As an example, this Experts Exchange page here is pulling from the following domains when looking at the stats in my browser:
www.experts-exchange.com
cdn.experts-exchange.com
expertsexchange.112.2o7.net
filedb.experts-exchange.com

And I'm using uBlock Origin so this is going to be greatly reduced.
0
KimputerCommented:
Even during the most simple browsing session, your browser fires away countless of cloud based services (be it Google, ad services or content delivery networks). In your case, those are still normal requests you make on a more busy website (news outlet or such).
1
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Bottom line is this is normal.
0
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

View On-Demand!
rayluvsAuthor Commented:
Understood and gives a relief.  

However, if we were check them out, recommended steps you guys recommend?
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
What do you mean "check them out"?
0
KimputerCommented:
Would require extreme knowledge of all hosts. I know in.greta.io is checking for CDN, while gstatic is Google owned. For you to do that, takes you a lot of time to find out, making it a 24/7 job to keep up with all the hostnames used every day.
You could use some algorithm to lessen the load as times go by (slowly whitelisting the known ones), but still requires a lot of time.
0
rayluvsAuthor Commented:
I  got it, you mean check every site and google them one by one (yes, painstaking)
0
KimputerCommented:
Some are not revealed by a simple google query, and needs quite a bit more research.
0
rayluvsAuthor Commented:
Ok, prior closing the question, can you suggest some of "bit more research"? (just a little to direct us the right way)
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
It depends on what kind of research you want to do. If you are just concerned about browser activity then something like Privacy Badger (from the EFF https://www.eff.org/privacybadger) or uBlock Origin can do logging and blocking and show you a lot of resources that are being pulled from. You can also hit F12 when in your browser and you can explore all the elements.

More in depth would be to use wireshark on your computer and filter by DNS...

But if you're looking for general security knowledge then I have to say that the landscape is always changing. Following blogs or podcasts is how I keep up with it.... as best I can.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rayluvsAuthor Commented:
Thanx!!!
0
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Glad to help. :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.