On Mon, Jan 9, 2012 at 1:37 PM, babu dheen <babudh...@yahoo.co.in> wrote: > Unfortunately, i have not enabled logs in my internal DNS server.
You just dismissed the only reliable source of information > > Any idea .. Without logs, you only have assumptions. The best assumption at this point is that the client probably has a virus/malware, whose activity (one of them anyway) is to look for vulnerable DNS servers. -- Fajar _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users