On Tue, 2013-04-16 at 05:27 -0400, Barry Margolin wrote: > In article <mailman.130.1366101804.20661.bind-us...@lists.isc.org>, > Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > > > they apparently expect your nameserver to provide resursive DNS service for > > your company while it may not be intended for that use... some customers > > (well, not only customers...) do not understand the difference between > > authoritative and recursive DNS service and may try to use servers for > > purpose not intended. Some may also complain if the service does not work > > properly > > If they were using his server as a resolver, wouldn't he see queries for > lots of random hostnames (including popular domains like www.google.com, > www.yahoo.com, etc.), not just isc.org? >
These seems like some attack going on, after reading the mails i also check my recursive server and found a lot of these in my logs: 16-Apr-2013 11:31:35.743 security: info: client 101.226.167.13#55818: query (cache) 'xliar.com/A/IN' denied 16-Apr-2013 11:31:35.776 security: info: client 101.226.167.13#53710: query (cache) 'www.baidu.com/A/IN' denied 16-Apr-2013 11:31:35.813 security: info: client 182.118.40.31#42505: query (cache) 'www.baidu.com/A/IN' denied 16-Apr-2013 11:31:36.187 security: info: client 220.181.156.90#59278: query (cache) 'hao.360.cn/A/IN' denied 16-Apr-2013 11:31:36.225 security: info: client 220.181.156.90#50194: query (cache) 'www.360.cn/A/IN' denied 16-Apr-2013 11:31:36.253 security: info: client 220.181.156.90#33551: query (cache) 'www.so.com/A/IN' denied 16-Apr-2013 11:31:36.574 security: info: client 182.118.40.31#36470: query (cache) 'xliar.com/A/IN' denied 16-Apr-2013 11:31:36.587 security: info: client 182.118.40.31#51191: query (cache) 'www.so.com/A/IN' denied 16-Apr-2013 11:31:36.691 security: info: client 117.21.187.20#47169: query (cache) 'hao.360.cn/A/IN' denied 16-Apr-2013 11:31:36.705 security: info: client 183.60.211.65#32809: query (cache) 'www.so.com/A/IN' denied 16-Apr-2013 11:31:36.722 security: info: client 117.21.187.20#54942: query (cache) 'www.so.com/A/IN' denied 16-Apr-2013 11:31:36.733 security: info: client 117.21.187.20#50493: query (cache) 'down.360.cn/A/IN' denied 16-Apr-2013 11:31:36.761 security: info: client 182.118.40.31#54391: query (cache) 'hao.360.cn/A/IN' denied 16-Apr-2013 11:31:36.762 security: info: client 120.128.6.42#56439: query (cache) 'down.360.cn/A/IN' denied 16-Apr-2013 11:31:36.798 security: info: client 120.128.6.42#52172: query (cache) 'www.360.cn/A/IN' denied my server is not an open recursive server its only open to my clients and these are not even from my country. Kebba _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
