Date: Sat, 25 Jan 2003 16:37:19 -0500 From: Leo Bicknell <bicknell@ufp.org> To: freebsd-hackers@freebsd.org Subject: DNS / UDP Port Logging Wierdness Message-ID: <20030125213719.GA20359@ussenterprise.ufp.org>
index | next in thread | raw e-mail
[-- Attachment #1 --]
I've been getting errors like the ones below, well, for as long as
I can remember:
Jan 25 16:27:43 myhost /kernel: Connection attempt to UDP 10.0.0.1:2663 from 10.1.0.1:53
Jan 25 16:27:43 myhost /kernel: Connection attempt to UDP 10.0.0.1:2683 from 10.1.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2705 from 10.0.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2707 from 10.0.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2716 from 10.0.0.1:53
Jan 25 16:28:53 myhost /kernel: Connection attempt to UDP 10.0.0.1:2737 from 10.0.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2706 from 10.1.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2708 from 10.1.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2734 from 10.1.0.1:53
Jan 25 16:28:58 myhost /kernel: Connection attempt to UDP 10.0.0.1:2751 from 10.1.0.1:53
myhost == 10.0.0.1, which is a nameserver. 10.1.0.1 is also a
nameserver. They are they two nameservers listed in /etc/resolv.conf.
Any ideas why these would occur so often? I get them all day,
every day. Long ago I assumed they were caused by any number of
programs running on the box that might ask for a DNS query, but
then timeout/quit before the reponse was returned. I can't see
any other programs having problems resolving names, or erroring
out on a frequent basis.
Any theories or other things I should look at? While searching
for last night's attacks this finally annoyed me enough to do
something about it.
--
Leo Bicknell - bicknell@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE+MwOPNh6mMG5yMTYRAjE4AJ9f64ioxfOPGsMTBsWj8p9nU1DQlwCZAc+e
wov0l+OIxWAcylt/Dccc/4s=
=8UtM
-----END PGP SIGNATURE-----
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030125213719.GA20359>