I did a fresh installation of Solaris 10 on a SPARC machine with the latest BIND v9. This server is behind the hardware firewall (policy from out to in is UDP 53, and from in to out is any). But my Cisco IDS always announces this alarm from my server to other external clients or servers:
"Fragment Flags Invalid"

Src Address    Dst Address    Signature Name
192.168.1.1    x.x.x.x        Fragment Flags Invalid

Here is my named.conf:

    options {
        version "version not currently available";
        pid-file ".../run/named.pid";
        directory ".../named/namedb";
        dump-file ".../named.dump";
        recursive-clients 10000;
        statistics-file "..../namedb/statistics";
        tcp-clients 1000;
        allow-recursion { any; };
    };

    logging {
        channel simple_log {
            file "/var/adm/named/bind.log" versions 3 size 50m;
            print-category yes;
            print-severity yes;
            print-time yes;
            severity warning;
        };
        category default { simple_log; };
    };

    key "rndc-key" {
        algorithm ,,,,,,,,,;
        secret "************";
    };

    controls {
        inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
    };

Does anybody have any idea about this alarm? Can I fix this error by tuning BIND?

Regards
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users