duncan
Verified User
Hi All,
Up until a few weeks I had recursive DNS enabled on my system - not for any particular reason, but it must have always been like that, and never caused any trouble. That stopped in February when my bandwidth consumption exploded as this 'vulnerability' was taken advantage of. Lesson learned, recursion has now been turned off and bandwidth consumption fell dramatically.
One lingering problem I have is dozens of log entries per second from denied DNS attempts. The logs are becoming unbearably large. I ideally would like to screen out these entries only, although if I have to, I'd opt for totally disabling named logging for now. Any ideas would be MUCH appreciated!
Up until a few weeks I had recursive DNS enabled on my system - not for any particular reason, but it must have always been like that, and never caused any trouble. That stopped in February when my bandwidth consumption exploded as this 'vulnerability' was taken advantage of. Lesson learned, recursion has now been turned off and bandwidth consumption fell dramatically.
One lingering problem I have is dozens of log entries per second from denied DNS attempts. The logs are becoming unbearably large. I ideally would like to screen out these entries only, although if I have to, I'd opt for totally disabling named logging for now. Any ideas would be MUCH appreciated!
Code:
Mar 3 11:26:26 vps named[11352]: client 94.11.239.97#23787: query (cache) './ANY/IN' denied
Mar 3 11:26:26 vps last message repeated 14 times
Mar 3 11:26:26 vps named[11352]: client 94.11.239.97#58048: query (cache) './ANY/IN' denied
Mar 3 11:26:26 vps last message repeated 14 times
Mar 3 11:26:26 vps named[11352]: client 94.11.239.97#10222: query (cache) './ANY/IN' denied
Mar 3 11:26:26 vps last message repeated 14 times
Mar 3 11:26:26 vps named[11352]: client 95.130.170.57#25345: query (cache) 'isc.org/ANY/IN' denied
Mar 3 11:26:26 vps named[11352]: client 94.11.239.97#21197: query (cache) './ANY/IN' denied
Mar 3 11:26:26 vps last message repeated 14 times
Mar 3 11:26:26 vps named[11352]: client 94.11.239.97#47064: query (cache) './ANY/IN' denied
Mar 3 11:26:26 vps last message repeated 14 times
Mar 3 11:26:26 vps named[11352]: client 94.11.239.97#40270: query (cache) './ANY/IN' denied
Mar 3 11:26:26 vps last message repeated 14 times
Mar 3 11:26:27 vps named[11352]: client 95.130.170.57#25345: query (cache) 'isc.org/ANY/IN' denied
Mar 3 11:26:27 vps named[11352]: client 95.130.170.57#25345: query (cache) 'isc.org/ANY/IN' denied
Mar 3 11:26:27 vps named[11352]: client 93.166.208.215#41719: query (cache) './ANY/IN' denied
Mar 3 11:26:27 vps last message repeated 11 times
Mar 3 11:26:27 vps named[11352]: client 95.130.170.57#25345: query (cache) 'isc.org/ANY/IN' denied