Steve Suhre wrote:
Thanks, I think that's what I was looking for. I expect the "ISP" is in another country somewhere and would be hard to reach, if they could be reached at all. And it's probably a bad reference somewhere to the server here, so shutting of recursive queries could help... If I shut named off for an hour or two they go away, so I'm guessing the offending server switches to the secondary and gets what it's looking for?
In any case you should only allow recursive queries for your trusted clients and/or downstream nameservers which forward to you.
Otherwise a) you produce outgoing traffic when some stranger wants to b) your dns cache can easily be poisoned because of a) cheers simon -- Serve - BSD +++ RENT this banner advert +++ ASCII Ribbon /"\ Work - Mac +++ space for low €€€ NOW!1 +++ Campaign \ / Party Enjoy Relax | http://dragonflybsd.org Against HTML \ Dude 2c 2 the max ! http://golden-apple.biz Mail + News / \ _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
