Re: bind9 security problem?
On Tue, Nov 07, 2006 at 06:38:56PM +0100, Adrian von Bidder wrote:
> On Monday 06 November 2006 07:57, Ozgur Karatas wrote:
> > logging {
> > category lame-servers {null; };
> > };
>
> I ignore this stuff via logcheck. But I'd really be interested what causes
> it. I'll have to look at my cronjobs, these buggers often come at the same
> minute every hour...
>
it's a lame delegation. parent (delegating) name server says that some
machine should be authoritative for particular domain but it is not.
it pretty slows down resolving (of the RRs in question) and can turn to
a little DoS against you (for example, mail server resolves clients... etc).
the pattern you recognize really looks like a cron job, logresolve,
hourly webalizer...?)
--
matej kovac
matej.kovac@telnet.sk
Reply to: