[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Interresting report by logcheck....

On Fri, Feb 01, 2002 at 04:01:48PM -0500, Noah Meyerhans wrote:
> On Fri, Feb 01, 2002 at 02:10:07PM -0600, Adam Majer wrote:
> > 
> > What does this mean? I am running bind but it is behind firewall and
> > inaccesible from outside..
> > 
> logcheck is being stupid.  It sees the word "attack" in the message, and
> warns you about it.
> The message from bind is simply stating that robotattack.com is in
> violation of some RFC by having an NS record that points to a CNAME
> (where it's supposed to point to an A record).  It just means that their
> netadmins are ignorant.

admin singular -- robotattack.com is my home machine.

RFC 1033 defines a machine name as an absolute address (A) or a
pointer (CNAME), and later states that an ns record contains a machine
name, which would seem to make either an A or a CNAME valid.

I'd appreciate it if you'd direct me to the newer material that
supersedes the information in RFC 1033, Noah. I'll be searching myself
as well. I don't wish to remain ignorant, of course.

In the mean time, I've changed the configuration to use the machine's
A name. Hopefully this will prevent Adam or others from seeing the
warning again.

Reply to: