
OT misunderstood crackers



I'm a self-taught admin (aka mild newbie), and I don't understand why people would hit my DNS servers thousands of times.

I've got a limiter in iptables ('recent' module) that blocks and logs when there are too many hits from one IP to my DNS servers (5 hits in 10 seconds, on non-recursive BIND slaves), and I see thousands of hits in my logs (logwatch reports) every morning, many spread all over a /24 or smaller -- crackers/kiddies for sure, I suspect. 

What are they trying to accomplish? How can they get root or useful info from many DNS queries? Or are they just massively stupid with too much time on their hands? Or am I?

-- 
Glenn English
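
The pattern described in the post (blocked hits spread across a /24) can be measured directly from the limiter's log lines. The following is an added example, not part of the original post: it groups logged sources by /24 and counts distinct addresses and hits per network. The log lines are constructed, and the `DNS-LIMIT: ` log prefix is an assumption.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Constructed sample in the iptables LOG target's format. The "DNS-LIMIT: "
# prefix is an assumed --log-prefix value; addresses are documentation ranges.
SAMPLE_LOG = "\n".join(
    f"Mar  3 04:10:{i:02d} ns1 kernel: DNS-LIMIT: IN=eth0 OUT= "
    f"SRC={src} DST=192.0.2.53 LEN=68 PROTO=UDP SPT={40000 + i} DPT=53"
    for i, src in enumerate(
        ["198.51.100.7", "198.51.100.9", "198.51.100.7", "198.51.100.200",
         "203.0.113.5", "198.51.100.9", "198.51.100.7"]
    )
)

# Match only the limiter's own lines, and only traffic aimed at port 53.
SRC_RE = re.compile(r"DNS-LIMIT: .*?\bSRC=(\d{1,3}(?:\.\d{1,3}){3})\b.*?\bDPT=53\b")


def summarise(log_text, prefix_len=24):
    """Return {network: Counter({source_ip: blocked_hits})} for logged DNS drops."""
    nets = defaultdict(Counter)
    for line in log_text.splitlines():
        m = SRC_RE.search(line)
        if not m:
            continue  # not one of the limiter's log lines
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # malformed address such as 999.1.1.1
        net = ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False)
        nets[str(net)][str(ip)] += 1
    return nets


def report(nets):
    """Rows of (network, distinct_sources, total_hits), busiest network first."""
    rows = [(n, len(c), sum(c.values())) for n, c in nets.items()]
    return sorted(rows, key=lambda r: (-r[2], r[0]))


if __name__ == "__main__":
    for net, sources, hits in report(summarise(SAMPLE_LOG)):
        print(f"{net:<20} sources={sources:<4} hits={hits}")
```

A network with many distinct sources and few hits each looks different in this report from one address hammering the server, which is the distinction the logwatch totals alone do not show.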



