Ray Van Dolson wrote:
> 1.8GB's of these seems incredibly excessive... I wonder if they're not
> legitimate DNS requests trying to get to you because you're the SOA for
> some domain...
>
I've seen this sort of behavior from broken resolvers trying to follow a
fully-lame delegation.
If you susp
> I show millions of lines like:
> Oct 4 11:49:30 dns1 named[878]: client 68.13.16.20#53535: query (cache)
> denied
>
> If I trim out those and the last message repeated lines, I go from a
> messages log of 1.8GB to 1.3MB but 2 weeks earlier my messages log for
> the week was only 339M.
>
> Goog
I'm just spit balling, but this doesn't sound like good normal behavior. Off
handedly it sounds like a DNS poison or transfer attempt. I'm not entirely
certain a centos mailing list is a good venue for this question. I would try
asking in SecurityFocus.
Geoff
Sent from my BlackBerry wirele
3 matches
Mail list logo
