Possible Security Concern?
 

Hi! These DNS messages are showing up in my /var/log/messages log what could this mean? Does this mean that other parities are using me as their DNS server? If so how do we stop this?


Dec 14 13:41:10 mail named[3006]: lame server resolving 'web.da-us.citibank.com' (in 'web.da-us.citibank.com'?): 192.193.180.74#53
Dec 14 13:51:50 mail named[3006]: lame server resolving 'web.da-us.citibank.com' (in 'web.da-us.citibank.com'?): 192.193.180.74#53
Dec 14 16:31:23 mail named[3006]: lame server resolving 'www.budget.com' (in 'bu dget.com'?): 198.151.36.1#53
Dec 14 16:38:27 mail named[3006]: lame server resolving 'www.ritecounter.com' (i n 'ritecounter.com'?): 66.235.251.136#53
Dec 14 16:38:28 mail named[3006]: lame server resolving 'www.ritecounter.com' (i n 'ritecounter.com'?): 66.235.251.140#53
Dec 14 17:14:23 mail named[3006]: lame server resolving 'elbo.ws' (in 'ws'?): 20 2.4.48.217#53
Dec 14 18:04:01 mail named[3006]: lame server resolving 'www.bloghub.com' (in 'b loghub.com'?): 72.232.34.210#53
Dec 14 18:04:01 mail named[3006]: lame server resolving 'www.bloghub.com' (in 'b loghub.com'?): 72.36.150.162#53

A lame server in DNS means that the server responding is not authoritative for a domain which has been delegated to it. In general you can ignore those messages. If you'd like to disable them add:

To your named.conf file.

Thanks, I thought this meant that people were using this server as a DNS resolver. I'll add the comments to the config.