LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Possible Security Concern? (http://www.linuxquestions.org/questions/linux-security-4/possible-security-concern-510726/)

keysorsoze 12-15-2006 10:40 AM

Possible Security Concern?
 
Hi! These DNS messages are showing up in my /var/log/messages log what could this mean? Does this mean that other parities are using me as their DNS server? If so how do we stop this?


Dec 14 13:41:10 mail named[3006]: lame server resolving 'web.da-us.citibank.com' (in 'web.da-us.citibank.com'?): 192.193.180.74#53
Dec 14 13:51:50 mail named[3006]: lame server resolving 'web.da-us.citibank.com' (in 'web.da-us.citibank.com'?): 192.193.180.74#53
Dec 14 16:31:23 mail named[3006]: lame server resolving 'www.budget.com' (in 'bu dget.com'?): 198.151.36.1#53
Dec 14 16:38:27 mail named[3006]: lame server resolving 'www.ritecounter.com' (i n 'ritecounter.com'?): 66.235.251.136#53
Dec 14 16:38:28 mail named[3006]: lame server resolving 'www.ritecounter.com' (i n 'ritecounter.com'?): 66.235.251.140#53
Dec 14 17:14:23 mail named[3006]: lame server resolving 'elbo.ws' (in 'ws'?): 20 2.4.48.217#53
Dec 14 18:04:01 mail named[3006]: lame server resolving 'www.bloghub.com' (in 'b loghub.com'?): 72.232.34.210#53
Dec 14 18:04:01 mail named[3006]: lame server resolving 'www.bloghub.com' (in 'b loghub.com'?): 72.36.150.162#53

macemoneta 12-15-2006 12:13 PM

A lame server in DNS means that the server responding is not authoritative for a domain which has been delegated to it. In general you can ignore those messages. If you'd like to disable them add:

Code:

logging {
        category        lame-servers    {null; };
};

To your named.conf file.

keysorsoze 12-15-2006 01:36 PM

Thanks, I thought this meant that people were using this server as a DNS resolver. I'll add the comments to the config.


All times are GMT -5. The time now is 10:10 AM.