Date: Wed, 4 Apr 2001 06:45:35 +0200 From: "Leif Neland" <leifn@neland.dk> To: <freebsd-isp@FreeBSD.ORG> Subject: Re: Named Keep crashing. Message-ID: <016601c0bcc2$1768df00$6405a8c0@neland.dk> References: <Pine.BSF.4.21.0104030450590.3263-100000@workhorse.iMach.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Is there any way to trace who is doing it? Running tcpdump with certain filter settings to avoid logging everything and filling the disk? Leif ----- Original Message ----- From: "Forrest W. Christian" <forrestc@imach.com> To: "David Rhodus" <sdrhodus@wildcatblue.com> Cc: <freebsd-isp@FreeBSD.ORG> Sent: Tuesday, April 03, 2001 12:53 PM Subject: Re: Named Keep crashing. > Yes, and do it now. > > You are being attcked. If you were running linux you'd already have been > rooted. > > What is happening is someone is trying to use a linux-specific attack for > bind and bind is exiting with an error because the linux binary that the > attacker is (successfully) trying to get you to run isn't exactly > compatible with freebsd. > > On Tue, 3 Apr 2001, David Rhodus wrote: > > > Date: Tue, 3 Apr 2001 06:53:24 -0400 > > From: David Rhodus <sdrhodus@wildcatblue.com> > > To: freebsd-isp@FreeBSD.ORG > > Subject: Named Keep crashing. > > > > It seems as if about every moring I wake up named is not running. It has crashed during the day also, but now it seems every morning. > > Apr 2 18:11:22 crombie /kernel: pid 27614 (named), uid 0: exited on signal 11 ( > > core dumped) > > Apr 2 23:04:15 crombie /kernel: icmp-response bandwidth limit 201/200 pps > > Do I need to install a new version on bind ? > > > > > > > > David Rhodus > > 859-626-1161 > > 859-527-9688 Pager > > sdrhodus@wildcatblue.com > > > > - Forrest W. Christian (forrestc@imach.com) AC7DE > ---------------------------------------------------------------------- > iMach, Ltd., P.O. Box 5749, Helena, MT 59604 http://www.imach.com > Solutions for your high-tech problems. (406)-442-6648 > ---------------------------------------------------------------------- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?016601c0bcc2$1768df00$6405a8c0>