Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-11 Thread Barry Margolin
In article , Matus UHLAR - fantomas wrote: > On 03.08.10 18:01, Denis BUCHER wrote: > > I have a question, it's not really a big problem, but it's annoying. > > > > In the logs I get plenty of lines like : > >> client 202.152.172.4 query (cache) 'denkstelle.de/MX/IN' denied: 1 Time(s) > >> clien

Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-05 Thread Denis BUCHER
Yes I have a wonderful script doing that for SSH but not for iptables. For Bind, I must say that this problem appears 2-3 times a month, I can therefore manage it manually for the moment... Denis On 04.08.2010 14:36, Sten Carlsen wrote: You may want to consider how to trigger removal of

Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-04 Thread Sten Carlsen
You may want to consider how to trigger removal of this blocking when the problem has gone away and the address is again used responsibly. Maybe add a log statement with a limitation of one per day and checking that this is no longer seen for some time? IPTABLES can do the logging. On 04/08/10 1

Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-04 Thread Denis BUCHER
On 03.08.2010 21:25, Kevin Darcy wrote: I would like to know if I can block hosts doing that at the level of /etc/hosts.allow or should I do it at the level of Bind itself ? Use IPTables or add rules to your firewall. I don't believe that BIND pays any attention to /etc/hosts.allow Yes I tr

Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-04 Thread Matus UHLAR - fantomas
On 03.08.10 18:01, Denis BUCHER wrote: > I have a question, it's not really a big problem, but it's annoying. > > In the logs I get plenty of lines like : >> client 202.152.172.4 query (cache) 'denkstelle.de/MX/IN' denied: 1 Time(s) >> client 202.152.172.4 query (cache) 'denkstunde.de/MX/IN' denied

RE: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread Lightner, Jeff
yle Giese Sent: Tuesday, August 03, 2010 4:18 PM To: bind-users@lists.isc.org Subject: Re: Script-kiddie / client query (cache) '/MX/IN' denied Kevin Darcy wrote: > On 8/3/2010 3:03 PM, Denis BUCHER wrote: >> Dear Lyle, >> >> On 03.08.2010 18:17, Lyle Giese wrote:

Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread Lyle Giese
Kevin Darcy wrote: On 8/3/2010 3:03 PM, Denis BUCHER wrote: Dear Lyle, On 03.08.2010 18:17, Lyle Giese wrote: I would like to know if I can block hosts doing that at the level of /etc/hosts.allow or should I do it at the level of Bind itself ? Use IPTables or add rules to your firewall. I

RE: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread Lightner, Jeff
@lists.isc.org [mailto:bind-users-bounces+jlightner=water@lists.isc.org] On Behalf Of Kevin Darcy Sent: Tuesday, August 03, 2010 3:26 PM To: bind-users@lists.isc.org Subject: Re: Script-kiddie / client query (cache) '/MX/IN' denied On 8/3/2010 3:03 PM, Denis BUCHER wrote: > Dear

Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread Kevin Darcy
On 8/3/2010 3:03 PM, Denis BUCHER wrote: Dear Lyle, On 03.08.2010 18:17, Lyle Giese wrote: I would like to know if I can block hosts doing that at the level of /etc/hosts.allow or should I do it at the level of Bind itself ? Use IPTables or add rules to your firewall. I don't believe that B

RE: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread Lightner, Jeff
ehalf Of Denis BUCHER Sent: Tuesday, August 03, 2010 3:10 PM To: wllarso Cc: bind-us...@isc.org Subject: Re: Script-kiddie / client query (cache) '/MX/IN' denied On 03.08.2010 18:28, wllarso wrote: >> This seems to be due to a script-kiddie. >> I would like to know if I ca

RE: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread Dixon, Justin
>> I would like to know if I can block hosts doing that at the level of >> /etc/hosts.allow or should I do it at the level of Bind itself ? > Use IPTables or add rules to your firewall. I don't believe that BIND > pays any attention to /etc/hosts.allow BIND has a "blackhole" option that will essen

Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread Denis BUCHER
On 03.08.2010 18:28, wllarso wrote: This seems to be due to a script-kiddie. I would like to know if I can block hosts doing that at the level of /etc/hosts.allow or should I do it at the level of Bind itself ? And sorry if this is not 100% on topic, I know it's at the border between BIND and

Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread Denis BUCHER
Dear Lyle, On 03.08.2010 18:17, Lyle Giese wrote: I would like to know if I can block hosts doing that at the level of /etc/hosts.allow or should I do it at the level of Bind itself ? Use IPTables or add rules to your firewall. I don't believe that BIND pays any attention to /etc/hosts.allow

Script-kiddie : client query (cache) '/MX/IN' denied

2010-08-03 Thread Denis BUCHER
Dear all, I have a question, it's not really a big problem, but it's annoying. In the logs I get plenty of lines like : client 202.152.172.4 query (cache) 'denkstelle.de/MX/IN' denied: 1 Time(s) client 202.152.172.4 query (cache) 'denkstunde.de/MX/IN' denied: 2 Time(s) client 202.152.172.4 quer

Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread wllarso
On Tue, 03 Aug 2010 18:01:27 +0200, Denis BUCHER wrote: > Dear all, > > I have a question, it's not really a big problem, but it's annoying. > > In the logs I get plenty of lines like : >> client 202.152.172.4 query (cache) 'denkstelle.de/MX/IN' denied: 1 >> Time(s) >> client 202.152.172.4 quer

Re: Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread Lyle Giese
Denis BUCHER wrote: Dear all, I have a question, it's not really a big problem, but it's annoying. In the logs I get plenty of lines like : client 202.152.172.4 query (cache) 'denkstelle.de/MX/IN' denied: 1 Time(s) client 202.152.172.4 query (cache) 'denkstunde.de/MX/IN' denied: 2 Time(s) cl

Script-kiddie / client query (cache) '/MX/IN' denied

2010-08-03 Thread Denis BUCHER
Dear all, I have a question, it's not really a big problem, but it's annoying. In the logs I get plenty of lines like : client 202.152.172.4 query (cache) 'denkstelle.de/MX/IN' denied: 1 Time(s) client 202.152.172.4 query (cache) 'denkstunde.de/MX/IN' denied: 2 Time(s) client 202.152.172.4 quer