fbsd 8.2 VM with BIND 9.9.5
fbsd 10.0-RELEASE VM with BIND 9.10.0-P2
the older machine had uptime of 400+ days, the new machine only a
couple weeks
24 hour query logging shows several million queries/day
At about the same time last night, both stopped answering queries
until rebooted.
before reboot,
load of about 1 (we see elevated load alerts with ssh brute force
attacks)
memory not swapping, plenty of free MBs.
nothing in syslog,
no sign of ssh brute force, ssh worked
rndc status showed ok
sockstat -4 showed bind listening on :53
all DNS queries from outside the machines timed out
ssh shell command:
"dig @127.0.0.1 domain.tld any" answered normally
What other forensics could have been checked?
thanks
Len
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
