Hack Attempt?

Vernon Schryver vjs at rhyolite.com
Wed Mar 27 17:20:00 UTC 2013


> You wouldn't normally expect to see NOTIFY from clients, but maybe that 
> IP is (or thinks it is) a master for a zone you slave?

or it thinks it is an authoritative slave and hasn't been told with
"notify master-only;" to not send NOTIFY messages.

http://ftp.isc.org/isc/bind9/cur/9.9/doc/arm/Bv9ARM.ch06.html#options

  notify

    If yes (the default), DNS NOTIFY messages are sent when a zone
    the server is authoritative for changes, see the section called
    "Notify". The messages are sent to the servers listed in the
    zone's NS records (except the master server identified in the
    SOA MNAME field), and to any servers listed in the also-notify
    option.

    If master-only, notifies are only sent for master zones. If
    explicit, notifies are sent only to servers explicitly listed
    using also-notify. If no, no notifies are sent.


Vernon Schryver    vjs at rhyolite.com



More information about the bind-users mailing list