Why is someone asking me for ". IN NS"?
David Botham
dns at botham.net
Mon Aug 5 17:13:14 UTC 2002
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Anders K.
> Sent: Monday, August 05, 2002 12:51 PM
> To: comp-protocols-dns-bind at isc.org
> Subject: Why is someone asking me for ". IN NS"?
>
> I run a caching DNS server for my LAN, and lately I've been getting
lots
> of
> messages about denied queries. After enabling query logging, I figured
out
> that someone is querying my server for ". IN NS":
>
> Aug 05 12:25:38.444 queries: info: client 64.71.156.114#54429: query:
. IN
> NS
> Aug 05 12:25:38.448 security: info: client 64.71.156.114#54429: query
> (cache) denied
>
> $ host 64.71.156.114
> 114.156.71.64.in-addr.arpa is an alias for
> 114.subnet112.156.71.64.in-addr.arpa.
> 114.subnet112.156.71.64.in-addr.arpa domain name pointer
> 3dns-a.he-fre-ca.us.byterage.net.
>
> When I query myself for ". IN NS", all I get is some information about
> root
> servers. (I get the same information if I query my ISP's DNS server.)
So
> my
> question is, who is this guy and why is he asking me about the root
> servers?
Could be that the user has your name servers in his resolv.conf file and
is typing:
dig
at the commandline...
Dave...
>
> Anders
>
More information about the bind-users
mailing list