Date: Sat, 29 Jan 2000 17:46:54 +0100 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: "Michael Bryan" <fbsd-security@ursine.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Continual DNS requests from mysterious IP Message-ID: <13429.949164414@critter.freebsd.dk> In-Reply-To: Your message of "Sat, 29 Jan 2000 08:42:46 PST." <200001290842460680.22E3EFC9@quaggy.ursine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <200001290842460680.22E3EFC9@quaggy.ursine.com>, "Michael Bryan" wri tes: > > >On 1/29/00 at 8:34 AM Samara McCord wrote: > >>But this also brings up my other >>point. Correct me if I'm wrong, but my DNS servers shouldn't ever have >>to deliver the MX records for aol.com (or any domain for which I don't >>serve), except to my own internal machines and for my own customers, right? > >If somebody has manually setup their system to use you as a DNS resolver, >then you will get packets for any and all DNS requests they make, no matter >where they are on the Internet. Not a very smart way to do things, mind >you, but I've seen it before, usually from customers of mine who moved a >computer from work or another ISP and kept their old DNS settings. I don't >think that's what's going on in your case, though... Tell named to only recurse for your own IP range (takes code hacking). -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." FreeBSD -- It will take a long time before progress goes too far! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?13429.949164414>