BIND unappproved updates
Thomas Kellar
tkellar at fsp.fsp.com
Tue Feb 13 14:53:16 UTC 2001
Can anyone give any helpful answers:
I have been receiving upapproved updates from a IP on concentric.net, now
xo.com and have been unable to get them to stop. I have emailed
abuse at xo.com, (3X) abuse at concentric.net,postmaster at speerfulvio.com and my
ISP has done the same. They (xo) list a telephone number to call but
suggest not calling it. This is BIND related because this seems to be a
misconfigured computer and BIND is distributed widely over Internet and
subject to misconfigured computers everywhere. This is not the only IP
address I get unapproved updates from. There is a cable modem that sends
them every so often too. Does anyone have any idea what sort of
misconfiguration would cause someone to update my domain of fsp.com? It
does not look like a Win2K computer but what else does pcanywhere run on?
Thomas Kellar
--
w8twk Freelance Systems Programming http://www.fsp.com
------------------------------------------------------------------------
Feb 12 21:54:42 fsp named[7988]: unapproved update from [208.36.84.154].7525 for FSP.COM
Feb 12 21:54:48 fsp named[7988]: unapproved update from [208.36.84.154].3222 for FSP.COM
[ .... 254 lines elided here .... ]
Feb 13 09:16:34 fsp named[7988]: unapproved update from [208.36.84.154].5587 for FSP.COM
Feb 13 09:17:45 fsp named[7988]: unapproved update from [208.36.84.154].4309 for FSP.COM
Starting nmap V. 2.52 by fyodor at insecure.org ( www.insecure.org/nmap/ )
Interesting ports on mail.speerfulvio.com (208.36.84.154):
(The 1515 ports scanned but not shown below are in state: closed)
Port State Service
23/tcp open telnet
25/tcp open smtp
80/tcp open http
110/tcp open pop-3
5631/tcp open pcanywheredata
TCP Sequence Prediction: Class=trivial time dependency
Difficulty=5 (Trivial joke)
Remote operating system guess: Cisco Catalyst 1900 switch or Netopia DSL/ISDN router or Bay 450
Nmap run completed -- 1 IP address (1 host up) scanned in 21 seconds
More information about the bind-users
mailing list