[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: checking security logs

On Tue, Jan 23, 2001 at 08:02:59PM -0600, Jordan Bettis wrote:

> yet another trying DNS (comming from another dns server, hrmm)
> Jan 23 03:43:00 marvin kernel: Packet log: input DENY eth1 PROTO=6 L=40 S=0x00 I=39426 F=0x0000 T=27 SYN (#10)

Is it not normal for nameservers to "talk" to each other?
Or are nameservers only supposed to "talk" to their listed forwarders? 
What about [A-M].ROOT-SERVERS.NET?
I am currently allowing all otherwise reasonable tcp connections 
with my nameserver (by IP) as the destination in and out at port 53.
Is that risky, or is that helping resolvers get my IP quicker?  
Or both?  Or neither?


Reply to: