Inspecting BIND security logs, etc.
Forrest Aldrich
forrie at navipath.com
Thu Jul 12 16:12:05 UTC 2001
I would like to begin tracking "forwarded" packets on our DNS server --
it's not clear to me that there is a way to determine this in the
logs. Something we might put into MRTG, perhaps.
Also: with regards to security concerns, are there particular patterns in
the BIND logs that we could scan for that would be indicative of "bad
behavior" such as cache poisoning attempts, et al. And is such
information clear or vague about what it might be.
Thanks.
More information about the bind-users
mailing list