packet filtering on nameserver

lehman Thu, 03 May 2001 08:12:30 -0700
Hello list,

Quick question..
I have recently been noticing large blocks, like the excerpt below, in
my logs
on one of my nameservers repeating sereral times per day.
I am packet filtering on the machine (xxx.xxx.xxx.xxx) to restrict
traffic from everyone on the internet except those who know about it and

should be talking to it.
Do these look like attempts to flood/compromise the server?
Thanks for any input..


May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
216.220.39.42:59010 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=245
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
216.33.35.214:16982 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=241
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
64.37.200.46:28705 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=243
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
63.209.147.246:52343 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=244
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
140.239.176.162:33194 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=239
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
194.205.125.26:19710 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=243
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
212.78.160.237:15681 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=238
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
209.249.97.40:47219 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=243
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
64.78.235.14:45335 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=244
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
208.184.162.71:24408 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=243
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
207.55.138.206:13237 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=242
(#37)
May  3 08:23:41 ns3 kernel: Packet log: input DENY eth0 PROTO=6
62.26.119.34:57770 xxx.xxx.xxx.xxx:53 L=44 S=0x00 I=0 F=0x0000 T=242
(#37)




-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
packet filtering on nameserver

Reply via email to
