I've this in my log:
Apr 9 16:21:04 44101 named: client 18.104.22.168#52336: query (cache) 'isc.org/ANY/IN' denied
What does it means, how can I prevent it on my Ubuntu 12.10?
I have same problem
Funnily enough I was just searching for the same thing myself yesterday. I managed to find this old article which seems to suggest that this may be someone trying to force your server to contribute to a DDOS attack on another server, in your case isc.org. By submitting a request that appears to come from 22.214.171.124, they hope to flood 126.96.36.199 with replies that it didn't ask for. If I'm understanding this correctly, and I hope someone will tell me if I'm not!, the fact that the slog say 'denied' means that your nameserver didn't allow a recursive DNS query, which is as it should be, and there is no cause for alarm. Everything is working as it should. At least that's how I understood it.
Hope this helps!
|All times are GMT +2. The time now is 13:33.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.