DNS Attacks
James Kosin
jkosin at beta.intcomgrp.com
Fri Jul 25 17:35:21 UTC 2008
Wolfgang S. Rupprecht wrote:
> James Kosin <jkosin at beta.intcomgrp.com> writes:
>> client 143.215.143.11 query (cache) 'com/ANY/IN' denied: 30 Time(s)
>> client 143.215.143.11 query (cache) 'gmail.com/ANY/IN' denied: 32
>> Time(s)
>> client 143.215.143.11 query (cache) 'hotmail.com/ANY/IN' denied: 31
>
> Thanks for posting. Maybe this will light a fire under the folks that
> haven't upgraded yet.
>
> Did you have to turn any extra logging on to get these message?
>
> -wolfgang
No, these are sent every day by logwatch. I'm running a server 24/7; so
logwatch runs as a cronjob.
But, the patches out don't fix the issue totally. That would require a
complete re-write of the DNS and how DNS works. This is something
already in the works.
The patch just makes it more difficult to trigger the issue. I'm using
the patched version of 9.4.2-P1.
Just look at your root email, if you check it or leave the computer ON 24/7.
James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20080725/38773e8a/attachment-0001.sig>
More information about the fedora-list
mailing list