On Mon, Jul 12, 2010 at 9:37 AM, Bill Thoen <[email protected]> wrote: > Recently, I started seeing errors like the following (see below) in the > named section of my Logwatch log. Googling for help on it turned up > another message with the same symtom, but the only response was "run rpm > -q bind dnssec-conf unbound and tell us what it says. Since there was no > follow-up, I still don't know what's happening or what to do about it. > Looking at which servers that are affected by this makes me wonder if I > should care. With names like btc-net.bg, ekk-bg, powernet.bg, comnet.bg, > icon.bg, etc. they look like spammers to me and maybe I should just > ignore them. I just don't like to see line and lines of error messages > in my logfiles every day that I don't understand. > > Anyway here's my system details: > [r...@www ~]# uname -a > Linux www.gisnet.com 2.6.30.10-105.2.23.fc11.x86_64 #1 SMP Thu Feb 11 > 07:06:34 UTC 2010 x86_64 x86_64 x86_64 GNU/Linux > > And here's the results of what they asked that other guy: > [r...@www ~]# rpm -q bind dnssec-conf unbound > bind-9.6.2-4.P2.fc11.x86_64 > package dnssec-conf is not installed > unbound-1.4.4-2.fc11.x86_64 > (unless I _need_ to install this, I just as soon not. I'm trying to > limit the files on my system to just the ones that I need.) > > Next, before I put a copy of my named.conf file in a public forum, are > there any security issues I need to know about before I do something dumb? > > And finally , this all started just a few days ago, and it's happening > to other people too. As far as I know, I don't have any reason to have > anything to do with these busy Bulgarian servers, so is there an easy > way to just stop them at the door before they even get far enough to > trigger these errors? > TIA, > - Bill Thoen > > Partial Error listing from my Logwacth log: > > validating @0x7fc04806c240: btc-net.bg SOA: bad cache hit > (btc-net.bg/DS): 1 Time(s) > validating @0x7fc04806c240: ekk.bg SOA: bad cache hit (ekk.bg/DS): 2 > Time(s) > validating @0x7fc04806c240: powernet.bg SOA: bad cache hit > (powernet.bg/DS): 1 Time(s) > validating @0x7fc050411f60: comnet.bg SOA: bad cache hit (comnet.bg/DS): > 1 Time(s) > validating @0x7fc050416d70: comnet.bg SOA: bad cache hit (comnet.bg/DS): > 1 Time(s) > validating @0x7fc05076c4f0: comnet.bg SOA: bad cache hit (comnet.bg/DS): > 1 Time(s) > validating @0x7fc0507fc550: comnet.bg SOA: bad cache hit (comnet.bg/DS): > 1 Time(s) > validating @0x7fc0507fe570: btc-net.bg SOA: bad cache hit > (btc-net.bg/DS): 1 Time(s) > validating @0x7fc048014970: bg DNSKEY: please check the 'trusted-keys' for > 'bg' in named.conf.: 1 Time(s) > validating @0x7fc048014970: bg DNSKEY: unable to find a DNSKEY which > verifies the DNSKEY RRset and also matches one of specified trusted-keys for > 'bg': 1 Time(s) > validating @0x7fc048014970: icon.bg NS: bad cache hit (icon.bg/DS): 1 > Time(s) > validating @0x7fc048019650: bg DNSKEY: please check the 'trusted-keys' for > 'bg' in named.conf.: 1 Time(s) > validating @0x7fc048019650: bg DNSKEY: unable to find a DNSKEY which > verifies the DNSKEY RRset and also matches one of specified trusted-keys for > 'bg': 1 Time(s) > validating @0x7fc048020690: bg DNSKEY: please check the 'trusted-keys' for > 'bg' in named.conf.: 6 Time(s) > validating @0x7fc048020690: bg DNSKEY: unable to find a DNSKEY which > verifies the DNSKEY RRset and also matches one of specified trusted-keys for > 'bg': 6 Time(s) > > _______________________________________________ > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug >
Probably nothing to worry about, just remove any security stuff from the named.conf and post it Drew- _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
