Hi,
My var/log/messages is getting big in a very short time sinds 2 days ( at the moment 600 MB sinds 18 hours ).
The log contains messages like:
Dec 1 11:57:54 office named[3026]: client @0x7f84b010e5c0 74.135.83.157#37650 (.): query (cache) './ANY/IN' denied
Dec 1 11:57:54 office named[3026]: client @0x7f84b00ffe20 74.135.83.157#37650 (.): query (cache) './ANY/IN' denied
Dec 1 11:57:54 office named[3026]: client @0x7f84b00ffe20 74.135.83.157#37650 (.): query (cache) './ANY/IN' denied
I was looking for an explanation of these messages, but I can't find a very good explanation.
I saw this thread: https://forum.directadmin.com/threads/named-query-cache.60851/
But is it a DDOS attack? Because in other topics on the internet it also could be a problem with Ipv6 ( is it? )?
My website's & server are working ok, reachable, and i dont have any problems, except that this log file is increasing hard and I monitor the size of it, but not sure what to do at the moment.
I also saw similar messages like the thread i mentioned, but there you can see most of the time a domainname, in my log file you only see ANY and the "." because i dont know how to read these log files, i dont know if i must ignore them or not.
Then latest question: why i see hex files in the log file? ( and how to read them ? )
Thanks in advance!
My var/log/messages is getting big in a very short time sinds 2 days ( at the moment 600 MB sinds 18 hours ).
The log contains messages like:
Dec 1 11:57:54 office named[3026]: client @0x7f84b010e5c0 74.135.83.157#37650 (.): query (cache) './ANY/IN' denied
Dec 1 11:57:54 office named[3026]: client @0x7f84b00ffe20 74.135.83.157#37650 (.): query (cache) './ANY/IN' denied
Dec 1 11:57:54 office named[3026]: client @0x7f84b00ffe20 74.135.83.157#37650 (.): query (cache) './ANY/IN' denied
I was looking for an explanation of these messages, but I can't find a very good explanation.
I saw this thread: https://forum.directadmin.com/threads/named-query-cache.60851/
But is it a DDOS attack? Because in other topics on the internet it also could be a problem with Ipv6 ( is it? )?
My website's & server are working ok, reachable, and i dont have any problems, except that this log file is increasing hard and I monitor the size of it, but not sure what to do at the moment.
I also saw similar messages like the thread i mentioned, but there you can see most of the time a domainname, in my log file you only see ANY and the "." because i dont know how to read these log files, i dont know if i must ignore them or not.
Then latest question: why i see hex files in the log file? ( and how to read them ? )
Thanks in advance!