Inspecting BIND security logs, etc.

Forrest Aldrich forrie at navipath.com
Thu Jul 12 16:12:05 UTC 2001


I would like to begin tracking "forwarded" packets on our DNS server -- 
it's not clear to me that there is a way to determine this in the 
logs.   Something we might put into MRTG, perhaps.

Also:  with regards to security concerns, are there particular patterns in 
the BIND logs that we could scan for that would be indicative of "bad 
behavior" such as cache poisoning attempts, et al.   And is such 
information clear or vague about what it might be.


Thanks.



More information about the bind-users mailing list