I've been getting errors like the ones below, well, for as long as I can remember:
Jan 25 16:27:43 myhost /kernel: Connection attempt to UDP 10.0.0.1:2663 from 10.1.0.1:53 Jan 25 16:27:43 myhost /kernel: Connection attempt to UDP 10.0.0.1:2683 from 10.1.0.1:53 Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2705 from 10.0.0.1:53 Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2707 from 10.0.0.1:53 Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2716 from 10.0.0.1:53 Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2737 from 10.0.0.1:53 Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2706 from 10.1.0.1:53 Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2708 from 10.1.0.1:53 Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2734 from 10.1.0.1:53 Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2751 from 10.1.0.1:53 myhost == 10.0.0.1, which is a nameserver. 10.1.0.1 is also a nameserver. They are they two nameservers listed in /etc/resolv.conf. Any ideas why these would occur so often? I get them all day, every day. Long ago I assumed they were caused by any number of programs running on the box that might ask for a DNS query, but then timeout/quit before the reponse was returned. I can't see any other programs having problems resolving names, or erroring out on a frequent basis. Any theories or other things I should look at? While searching for last night's attacks this finally annoyed me enough to do something about it. -- Leo Bicknell - [EMAIL PROTECTED] - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - [EMAIL PROTECTED], www.tmbg.org
msg39406/pgp00000.pgp
Description: PGP signature