Named requests filling up T1
Steve Suhre
cheesiest at nano.net
Tue Jan 17 01:37:13 PST 2006
Thanks, I think that's what I was looking for. I expect the "ISP" is in
another country somewhere and would be hard to reach, if they could be
reached at all. And it's probably a bad reference somewhere to the
server here, so shutting of recursive queries could help... If I shut
named off for an hour or two they go away, so I'm guessing the offending
server switches to the secondary and gets what it's looking for?
Thanks!
Mike Silbersack wrote:
>>Thanks Matt,
>>
>>The answer to both is no. The domain doesn't resolve either
>>(v.tn.co.za). It looks like the source IP changes too...sigh.... I tried
>>a whois on the source IP and it was not found, so it may be spoofed? Or
>>someone has a very messed up server...
>>
>>
>
>There was a thread on bugtraq about this, you're either being attacked or
>are being used to attack someone else.
>
>Reconfigure BIND so that it ignores recursive queries originating from
>outside your network - at least that will save your outbound bandwidth.
>
>Mike "Silby" Silbersack
>_______________________________________________
>freebsd-hackers at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
>
>
>
>
--
Steve Suhre
steve at pasta.net
719.439.6052 Cell
719.632.2897 Home
More information about the freebsd-hackers
mailing list