Good morning. I upgraded our last resolver this morning to the new P1 code and turned on "rndc querylog". I am seeing a steady stream of these messages with the same IP at a rate of about 100/min.
Jul 30 11:50:39 ns2 named[2780]: [ID 873579 daemon.info] security: info: client 194.85.88.199#22941: query (cache) './ANY/IN' denied Is this an example of the cache exploit attempt? I've already spoken with our INET team about blocking the IP at the firewall a couple of days to see if the automated mechanism stops because of denied access, or if it continues regardless. Thanks, Emery Rudolph Sr. Systems Analyst Office of Information Technology University of Maryland University College Email: [EMAIL PROTECTED]
