> To: comp-protocols-dns-b...@isc.org > From: "Tony Toews [MVP]" <tto...@telusplanet.net> > Subject: What are these entries in the log file - " query: . IN NS +"? > Date: Mon, 26 Jan 2009 21:45:18 GMT > > Folks > > Warning - I know just enough about Bind to be dangerous. Which is > why I'm asking. > > I just noticed that our small scale Bind server as a lot of the > following lines. > > 26-Jan-2009 14:28:24.004 client 76.9.16.171#23101: query: . IN NS + > 26-Jan-2009 14:28:58.254 client 63.217.28.226#28035: query: . IN NS + > 26-Jan-2009 14:29:00.691 client 63.217.28.226#35549: query: . IN NS + > 26-Jan-2009 14:29:26.332 client 76.9.16.171#19817: query: . IN NS + > > As far as I can tell from the same 5 or 20 IP addresses. I haven't > seen these lines before. > > 1) What am I doing wrong? If anything.
You are doing nothing wrong. > 2) What are they? They look like the DDoS being discussed on the NANOG list. Have you implemented BCP38? If not, why not... Regards, Gregory Hicks --------------------------------------------------------------------- Gregory Hicks | Principal Systems Engineer | Direct: 408.569.7928 People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf -- George Orwell The price of freedom is eternal vigilance. -- Thomas Jefferson "The best we can hope for concerning the people at large is that they be properly armed." --Alexander Hamilton _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users