are these hacking attempts ?
Jim Pazarena
bind at ccstores.com
Fri Mar 31 08:18:29 UTC 2000
I added some "allow-query" & "allow-transfer" substatements to my
named.conf, and subsequently noticed the following in my logs.
Are these hacking attempts? and what would the culprit(s) be looking
for with a lookup of "version.bind" and "1.0.0.127.in-addr.arpa" ?
Mar 4 09:02:55 maila named[3700]: unapproved query from [216.190.250.68].4232 for "1.0.0.127.in-addr.arpa"
Mar 4 09:02:55 maila named[3700]: unapproved query from [216.190.250.68].4245 for "1.0.0.127.in-addr.arpa"
Mar 12 22:38:52 maila named[3700]: unapproved query from [147.4.186.244].1691 for "version.bind"
Mar 24 00:06:39 maila named[105]: unapproved query from [210.169.244.35].1295 for "version.bind"
Mar 24 00:06:39 maila named[105]: unapproved query from [210.169.244.35].1297 for "version.bind"
Mar 27 02:46:52 maila named[105]: unapproved query from [208.10.116.59].1028 for "version.bind"
Mar 27 02:46:53 maila named[105]: unapproved query from [208.10.116.59].1040 for "version.bind"
--
Jim Pazarena mailto:paz at ccstores.com
More information about the bind-users
mailing list