[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: named: bad referral x from y?

On Wed, 10 Oct 2001 at 10:38:22 +0300, Mikko Kilpikoski wrote:
> I'm getting a lot of following message in named log:
> bad referral (x.x.x.x.in-addr.arpa !< *.x.x.in-addr.arpa) from [y.y.y.y].53
> Where x is some host in a some network owned by X and y is my ISP's 
> nameserver. I've gotten this message about two hosts from different 
> networks. The networks in question are owned by same individual.
> What does it mean? Should I be worried? Logcheck considers it a security 

I don't think so. I've got from a couple of hundreds to a thousand of such
messages each week. Evidences od misconfigured nameservers. Maybe someone
could explain it in detail?...

> violation. What can I do about it?

"Violation" is because of word "bad". As long as zones mentioned are not
yours, you can safely ignore such messages, I think.
If I'm wrong, corrections are welcome.

 Tomasz Papszun   SysAdm @ TP S.A. Lodz, Poland  | And it's only
 tomek@lodz.tpsa.pl   http://www.lodz.tpsa.pl/   | ones and zeros.

Reply to: