dan
Verified User
I'm finding loads of this in my BIND queries.log file:
I see that they're queries for the root servers, but what is the purpose of all these persistent queries, often 10's per second. Is this an attack, and if so, how can I configure BIND to not respond to these queries?
Thanks,
Dan
Code:
29-Jul-2010 22:04:58.519 client 174.142.218.220#7571: query: . IN NS +
29-Jul-2010 22:04:58.598 client 188.124.8.54#12632: query: . IN NS +
29-Jul-2010 22:04:58.761 client 204.188.249.17#37614: query: . IN NS +
29-Jul-2010 22:04:58.837 client 204.188.249.17#2533: query: . IN NS +
29-Jul-2010 22:04:58.840 client 174.142.218.220#7668: query: . IN NS +
29-Jul-2010 22:04:58.858 client 204.188.249.17#54273: query: . IN NS +
29-Jul-2010 22:04:59.000 client 174.142.218.220#32361: query: . IN NS +
29-Jul-2010 22:04:59.404 client 204.188.249.17#23013: query: . IN NS +
29-Jul-2010 22:04:59.436 client 174.142.218.220#15378: query: . IN NS +
29-Jul-2010 22:04:59.473 client 174.142.218.220#28670: query: . IN NS +
29-Jul-2010 22:04:59.480 client 204.188.249.17#42672: query: . IN NS +
29-Jul-2010 22:04:59.508 client 204.188.249.17#1855: query: . IN NS +
I see that they're queries for the root servers, but what is the purpose of all these persistent queries, often 10's per second. Is this an attack, and if so, how can I configure BIND to not respond to these queries?
Thanks,
Dan