Re: Interresting report by logcheck....
On Fri, Feb 01, 2002 at 04:01:48PM -0500, Noah Meyerhans wrote:
> On Fri, Feb 01, 2002 at 02:10:07PM -0600, Adam Majer wrote:
> >
> > What does this mean? I am running bind but it is behind firewall and
> > inaccesible from outside..
> >
>
> logcheck is being stupid. It sees the word "attack" in the message, and
> warns you about it.
>
> The message from bind is simply stating that robotattack.com is in
> violation of some RFC by having an NS record that points to a CNAME
> (where it's supposed to point to an A record). It just means that their
> netadmins are ignorant.
admin singular -- robotattack.com is my home machine.
RFC 1033 defines a machine name as an absolute address (A) or a
pointer (CNAME), and later states that an ns record contains a machine
name, which would seem to make either an A or a CNAME valid.
I'd appreciate it if you'd direct me to the newer material that
supersedes the information in RFC 1033, Noah. I'll be searching myself
as well. I don't wish to remain ignorant, of course.
In the mean time, I've changed the configuration to use the machine's
A name. Hopefully this will prevent Adam or others from seeing the
warning again.
Reply to: