Logwatch Unmatched Entries
Eric Paulsen
epaulsen at smls.org
Sat Aug 15 23:13:59 UTC 2009
I've recently moved our DNS from FreeBSD 4 / Bind8 to CentOS 5.3
Bind9.4.3. These are not authoritative for any routable domains but
are for my NAT'd school network. I have an AD server (10.1.60.11) that
forwards to my two Bind servers. I receive the logwatch each night and
have some questions.
1) Zone update refused from my windows workstations.
Zone update refused:
10.1.60.11 (60.1.10.IN-ADDR.ARPA/IN): 24 Time(s)
10.1.60.11 (smls.org/IN): 48 Time(s)
10.1.60.122 (smls.org/IN): 4 Time(s)
10.1.60.82 (smls.org/IN): 8 Time(s)
10.1.60.84 (smls.org/IN): 12 Time(s)
10.1.60.85 (smls.org/IN): 15 Time(s)
10.1.60.89 (smls.org/IN): 1 Time(s)
What are these machines trying to do?
2) Unmatched Entries
chase DS servers resolving '165.55.65.in-addr.arpa/DS/IN':
65.55.226.140#53: 21 Time(s)
must-be-secure resolving '205.in-addr.arpa.dlv.isc.org/DLV/IN':
199.6.0.29#53: 1 Time(s)
must-be-secure resolving '216.in-addr.arpa.dlv.isc.org/DLV/IN':
149.20.64.4#53: 1 Time(s)
no valid DS resolving '187.37.55.65.in-addr.arpa/PTR/IN':
68.115.71.53#53: 1 Time(s)
no valid DS resolving '2.16.11.168.in-addr.arpa/PTR/IN':
68.115.71.53#53: 1 Time(s)
no valid DS resolving 'org.dlv.isc.org/DLV/IN': 199.254.63.254#53:
2 Time(s)
no valid DS resolving 'org.dlv.isc.org/DLV/IN': 199.6.0.29#53: 1
Time(s)
...snip...
no valid RRSIG resolving '16.11.168.in-addr.arpa/DS/IN':
127.0.0.1#53: 1 Time(s)
no valid RRSIG resolving '16.11.168.in-addr.arpa/DS/IN':
131.144.4.10#53: 1 Time(s)
no valid RRSIG resolving '16.11.168.in-addr.arpa/DS/IN':
131.144.4.9#53: 1 Time(s)
...snip...
not insecure resolving '55.65.in-addr.arpa/NS/IN': 127.0.0.1#53:
19 Time(s)
not insecure resolving '55.65.in-addr.arpa/NS/IN':
207.46.66.126#53: 19 Time(s)
not insecure resolving '55.65.in-addr.arpa/NS/IN':
213.199.161.77#53: 19 Time(s)
not insecure resolving '55.65.in-addr.arpa/NS/IN':
24.196.64.53#53: 19 Time(s)
not insecure resolving '55.65.in-addr.arpa/NS/IN': 64.4.59.173#53:
19 Time(s)
not insecure resolving '55.65.in-addr.arpa/NS/IN':
65.55.226.140#53: 19 Time(s)
not insecure resolving '55.65.in-addr.arpa/NS/IN': 65.55.37.62#53:
19 Time(s)
not insecure resolving '55.65.in-addr.arpa/NS/IN':
68.115.71.53#53: 19 Time(s)
not insecure resolving 'isc.org/NS/IN': 199.254.63.254#53: 1 Time(s)
not insecure resolving 'isc.org/NS/IN': 199.6.1.30#53: 1 Time(s)
not insecure resolving 'isc.org/NS/IN': 68.115.71.53#53: 1 Time(s)
not insecure resolving 'se/DNSKEY/IN': 130.239.5.114#53: 1 Time(s)
not insecure resolving 'se/DNSKEY/IN': 192.36.133.107#53: 1 Time(s)
not insecure resolving 'se/DNSKEY/IN': 192.71.53.53#53: 1 Time(s)
validating @0xab01de0: 205.in-addr.arpa.dlv.isc.org DLV: must be
secure failure: 1 Time(s)
validating @0xb49fe660: 216.in-addr.arpa.dlv.isc.org DLV: must be
secure failure: 1 Time(s)
What do these log entries mean? Anything to worry about?
Thanks for taking the time to help out.
---
Eric
More information about the bind-users
mailing list