I've been getting errors like the ones below, well, for as long as I can remember:
Jan 25 16:27:43 myhost /kernel: Connection attempt to UDP 10.0.0.1:2663 from
10.1.0.1:53
Jan 25 16:27:43 myhost /kernel: Connection attempt to UDP 10.0.0.1:2683 from
10.1.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2705 from
10.0.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2707 from
10.0.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2716 from
10.0.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2737 from
10.0.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2706 from
10.1.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2708 from
10.1.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2734 from
10.1.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2751 from
10.1.0.1:53
myhost == 10.0.0.1, which is a nameserver. 10.1.0.1 is also a
nameserver. They are they two nameservers listed in /etc/resolv.conf.
Any ideas why these would occur so often? I get them all day,
every day. Long ago I assumed they were caused by any number of
programs running on the box that might ask for a DNS query, but
then timeout/quit before the reponse was returned. I can't see
any other programs having problems resolving names, or erroring
out on a frequent basis.
Any theories or other things I should look at? While searching
for last night's attacks this finally annoyed me enough to do
something about it.
--
Leo Bicknell - [EMAIL PROTECTED] - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - [EMAIL PROTECTED], www.tmbg.org
msg39406/pgp00000.pgp
Description: PGP signature
