That's being discussed on NANOG, here's one thread: http://markmail.org/message/ydiqnztzmz5qmusf
See here for more details in blocking them: http://www.cymru.com/Documents/secure-bind-template.html specifically: blackhole { // Deny anything from the bogon networks as // detailed in the "bogon" ACL. bogon; }; Note that isprime is suggesting an ACL on your firewall or router. Frank -----Original Message----- From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Scott Haneda Sent: Tuesday, January 20, 2009 5:41 PM To: BIND Users Mailing List Subject: denied NS/IN Hello, looking at my logs today, I am getting hammered with these: 20-Jan-2009 15:39:06.284 security: info: client 66.230.160.1#48517: query (cache) './NS/IN' denied 20-Jan-2009 15:39:06.790 security: info: client 66.230.128.15#31593: query (cache) './NS/IN' denied Repeated over and over, how do I tell what they are, and if they are bad, what is the best way to block them? -- Scott _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
