Bind open relay problem maybe??

Discussion in 'ISPConfig 3 Priority Support' started by Turbanator, Jan 29, 2014.

  1. Turbanator

    Turbanator Member HowtoForge Supporter

    Perfect Debian Lenny w/Bind....I know...old.

    This is a Master server.
    dnstop is showing this (2 min snapshot) 2234 30.0 538 7.2 466 6.3 265 3.6 248 3.3 218 2.9

    with the following named.conf.options
    listen-on {localhost;};
    allow-recursion { all my vpn subnets };

    I imagine I'm missing something in order to block outside requests like what seems to be a ddos attack since and not me or anywhere near me.

    I'm also thinking that my setup is fine, but I may have malware somewhere on the network sending these requests but I'm not sure how to tell which computer out of 200 on the vpn.

    Unsure on all fronts.

    Any help would be appreciated...i'm not even sure whwere to start. I wonder if there is a BIND setting to block query to
    Last edited: Jan 29, 2014
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    If you have only your local IP adresses and IP's of server / subnets you own in the "allow-recursion" recursion settings, then your bind server is not a open resolver. But you should check the file named.conf.options as well, in case that there is a different recusrion setting.

Share This Page