how to identify DNS request source?
David Botham
dns at botham.net
Thu Aug 8 21:24:58 UTC 2002
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Hostmaster
> Sent: Thursday, August 08, 2002 4:50 PM
> To: bind-users at isc.org
> Subject: how to identify DNS request source?
>
>
> My named-auth log shows repetitive requests (every 5 minutes) from an
> IP address for both a forward and inverse record. We are not approving
> the request and it is merely loading our name server and growing our
log
> file. I am unable to determine the source of this request. nslookup
yields
> no information. Using Arin I have been able to find out who owns the
IP
So, you know the source IP address of the request.
> address block which includes the requestor's IP address. How can we
> find out who and what the offending culprit is? BTW we are not
Are you asking something like "Hey, is there a master directory of all
IP addresses on the planet that can tell me that name, address, and
telephone number for each IP address in use, in real-time?"
No. There is not. You have the source IP and the responsible ISP. Call
the Net-Block admin/tech contact on the phone or send them an email.
Send them your logs, and tell them what you are upset about.
Dave...
> running dynamic or cahced name servers. Any advice would be most
> appreciated.
More information about the bind-users
mailing list