hammering my server with bad queries
thomas at madeforchina.com
Fri Mar 30 00:16:15 UTC 2001
Ok, so the ex-dns admin used to call our primary nameserver ns1 and ns2.madeforchina.com.
I've changed that a while ago, but I look into one of my advertised servers and see someone is hammering my nameserver:
29-Mar-2001 19:05:33.566 XX /220.127.116.11/ns1.madeforchina.com/A/IN
29-Mar-2001 19:05:33.567 XX /18.104.22.168/ns2.madeforchina.com/A/IN
29-Mar-2001 19:05:34.076 XX /22.214.171.124/ns1.madeforchina.com/A/IN
29-Mar-2001 19:05:34.077 XX /126.96.36.199/ns2.madeforchina.com/A/IN
I found out that Shanghai Telecom's dialup DNS server is hammering us:
29-Mar-2001 19:15:14.713 XX /188.8.131.52/ns1.madeforchina.com/A/IN
29-Mar-2001 19:15:14.714 XX /184.108.40.206/ns2.madeforchina.com/A/IN
220.127.116.11=nns.sta.net.cn => shanghai telecom dns server
The company I work for owns about 70-80 domains and I'm currently going through them to search for their nameservers...aside from this tedious method, could there be another smarter way to find the answer? Currently we are only really using three domain names actively : 51mymail.com, madeforchina.com and 51go.com
I know, I could create records for ns1 and ns2, but this is really bothering me...I wanna find out why they are pounding my nameserver.
More information about the bind-users