Many udp ports open in bind 9.5.1
Mark_Andrews at isc.org
Sat Feb 14 08:26:45 UTC 2009
> Ok, it is not problem bind-9.5.1, but before upgrade I had bind9.5.0-
> P2 in which there was no established udp socket from foreign users.
> Otherwise, How can I take down this user (crackerjack.net) which is
> all the time established ?
> I put him in IP tables but it seems to be same state.
It is YOUR system connecting to crackerjack.net not the
other way around. You could mark the address as bogus in
named.conf but that will make some lookups fail.
If you are really worried find out which queries are being
made to crackerjack.net using tcpdump.
tcpdump -n -v host crackerjack.net and port 53
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users