Terpasaur <[EMAIL PROTECTED]> wrote: > Jul 30 11:50:39 ns2 named[2780]: [ID 873579 daemon.info] security: > info: client 194.85.88.199#22941: query (cache) './ANY/IN' denied
> Is this an example of the cache exploit attempt? Heh, after I read this I enabled the querylog and sure enough, I had an ip address near that one doing the same thing, on both of our servers. I did spot another entry in the logs that isn't a concern but odd to me... client 149.20.56.10#10053: query: not-an-attack.dan-kaminsky.browse-deluvian.doxpara.com IN ANY + The ip address goes back to isc.org so just wondering if there is a spider of sorts running to determine whose name server is running what version or something. -bruce [EMAIL PROTECTED]
