Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've not seen these before so a) should I be worried and b) can I block the requests via iptables or similar or should I just let the log file fill up ? The IP address changes from time to time so I would need to block using a string rather than just deny the IP address. I'm using CentOS 5.7
1. Is this your public DNS server?
2. Is your DNS server is configured to perform recursive queries?
3. Did you change anything else other than the change related to Webmin.
4. How frequently do you see these messages.
5. Are they from specific IP range or from different IP range.
I don't think it's much to worry about unless your server is a 'public' DNS server
It's just telling you that "client 95.108.156.1" wanted to use your DNS to get the "ns1.game-ion.com" and "ns2.game-ion.com" domain information (IP addr, etc.).
So if your server is Master for this domain and public, then it's something wrong configured (your /var/named.conf file) not allowing to see domain information.
To answer the questions I did an install of Webmin & Virtualmin on a clean CentOS 5.7 install and then simply set a website up. Everything else is standard as Webmin installs it which is why I was a little concerned seeing these messages.
The messages were appearing every minute or two and didn't come from a specific IP range they were all over the place, with some even linking back to a block of IPs that reverse DNS back to Microsoft.
I've stopped the named service which has, obviously, stopped the messages but I would like a "better" solution to this tbh.
I've stopped the named service which has, obviously, stopped the messages but I would like a "better" solution to this tbh.
* First of all please realize that running a web-based management panel is purely convenience: it will never replace theoretical knowledge and practical admin experience.
- You don't need to run a DNS server unless you handle being authoritative one for one or more domains yourself. (And if you are also please understand what you are running, know a PTR from an A or AAAA record, invest in hardening and consider running two slaves in independent networks for redundancy reasons.)
- If you run a DNS server for caching responses only it should not be publicly accessible.
In your BIND configuration file, in the logging section, add a line "category lame-servers { null; };" and restart BIND to see if lame delegation messages disappear:
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
