Hello,
I have two machines running Mandrake 8.0 with Bind DNS server. Machine A is the
primary DNS that stores master zone records, and Machine B is the secondary DNS that
stores slave records of the zones in Machine A. Zone transfer from Machine A to
Machine B is set. In the past, zone transfer is not a problem, but lately I found
that zones in Machine B is not in sync with Machine A. I read in Machine B's log and
found error messages that said "could not transfer from <Machine A IP>#53". Then, I
port scan Machine A and found that the TCP port #53 is not opened, and no matter how
many times I restart Bind the #53 port in Machine A would still not be open (The #53
TCP port on Machine B is open) I remember in the past when I port scan Machine A, TCP
port #53 would be opened. How could I re-open #53 TCP port in Machine A, and might
this be the problem of zones could not transfer from Machine A to Machine B?
Also, during portscan I found that there are some services that I don't know has
opened some TCP and UDP ports on my machines. Is there anyway to find out what this
ports are for, track down the program that is using this port, and stop that program
if I don't need it? e.g. I found a "blackjack" service that has opened a UDP port in
one of my machines, but when I "ps" that machine I could not find a "blackjack"
program. I am just afraid that this "blackjack" program might be some nasty stuff of
someone hacked into my system.....
Thank you for any help
Regards,
Jason
