Date: Sat, 25 Jan 2003 16:37:19 -0500 From: Leo Bicknell <bicknell@ufp.org> To: freebsd-hackers@freebsd.org Subject: DNS / UDP Port Logging Wierdness Message-ID: <20030125213719.GA20359@ussenterprise.ufp.org>
next in thread | raw e-mail | index | archive | help
--0F1p//8PRICkK4MW
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I've been getting errors like the ones below, well, for as long as
I can remember:
Jan 25 16:27:43 myhost /kernel: Connection attempt to UDP 10.0.0.1:2663 fro=
m 10.1.0.1:53
Jan 25 16:27:43 myhost /kernel: Connection attempt to UDP 10.0.0.1:2683 fro=
m 10.1.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2705 fro=
m 10.0.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2707 fro=
m 10.0.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2716 fro=
m 10.0.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2737 fro=
m 10.0.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2706 fro=
m 10.1.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2708 fro=
m 10.1.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2734 fro=
m 10.1.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2751 fro=
m 10.1.0.1:53
myhost =3D=3D 10.0.0.1, which is a nameserver. 10.1.0.1 is also a
nameserver. They are they two nameservers listed in /etc/resolv.conf.
Any ideas why these would occur so often? I get them all day,
every day. Long ago I assumed they were caused by any number of
programs running on the box that might ask for a DNS query, but
then timeout/quit before the reponse was returned. I can't see
any other programs having problems resolving names, or erroring
out on a frequent basis. =20
Any theories or other things I should look at? While searching
for last night's attacks this finally annoyed me enough to do
something about it.
--=20
Leo Bicknell - bicknell@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org
--0F1p//8PRICkK4MW
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE+MwOPNh6mMG5yMTYRAjE4AJ9f64ioxfOPGsMTBsWj8p9nU1DQlwCZAc+e
wov0l+OIxWAcylt/Dccc/4s=
=8UtM
-----END PGP SIGNATURE-----
--0F1p//8PRICkK4MW--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030125213719.GA20359>