BIND Question

Discussion in 'Server Operation' started by admins, Apr 9, 2013.

  1. admins

    admins Member HowtoForge Supporter

    Hi all
    I've this in my log:
    Apr 9 16:21:04 44101 named[6052]: client 151.236.44.168#52336: query (cache) 'isc.org/ANY/IN' denied

    What does it means, how can I prevent it on my Ubuntu 12.10?

    Thanks
    admins
     
  2. joemiller

    joemiller New Member

    I have same problem

    Funnily enough I was just searching for the same thing myself yesterday. I managed to find this old article which seems to suggest that this may be someone trying to force your server to contribute to a DDOS attack on another server, in your case isc.org. By submitting a request that appears to come from 151.236.44.168, they hope to flood 151.236.44.168 with replies that it didn't ask for. If I'm understanding this correctly, and I hope someone will tell me if I'm not!, the fact that the slog say 'denied' means that your nameserver didn't allow a recursive DNS query, which is as it should be, and there is no cause for alarm. Everything is working as it should. At least that's how I understood it.

    Hope this helps!
     

Share This Page