huge count of DNS deny hits

Fajar A. Nugraha work at fajar.net
Mon Jan 9 06:46:17 UTC 2012


On Mon, Jan 9, 2012 at 1:37 PM, babu dheen <babudheen at yahoo.co.in> wrote:
> Unfortunately, i have not enabled logs in my internal DNS server.

You just dismissed the only reliable source of information

>
> Any idea ..

Without logs, you only have assumptions. The best assumption at this
point is that the client probably has a virus/malware, whose activity
(one of them anyway) is to look for vulnerable DNS servers.

-- 
Fajar



More information about the bind-users mailing list