Date: Sat, 29 Jan 2000 08:34:49 -0800 (PST) From: Samara McCord <mccord@zytek.com> To: oogali@intranova.net, sthaug@nethelp.no Cc: freebsd-security@FreeBSD.ORG, mccord@zytek.com Subject: Re: Continual DNS requests from mysterious IP Message-ID: <200001291634.IAA36101@floozy.zytek.com> In-Reply-To: <98581.949158146@verdi.nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
>The problem is that: > >- These queries are directed to machines which have nothing to do with >aol.com (and are not authoritative name servers for aol.com). > >- These queries are being repeated indefinitely. > >(Yes, it's happening here too.) Also, let me point out that in my case the 500 byte response (containing the full list of AOLs MX targets) *was* being happily returned until I started blocking the IP address. Of course there may be a firewall on the other end which prevented the responses from being delivered all the way through but I can say the there were no ICMP messages generated from the UDP DNS response. But this also brings up my other point. Correct me if I'm wrong, but my DNS servers shouldn't ever have to deliver the MX records for aol.com (or any domain for which I don't serve), except to my own internal machines and for my own customers, right? Sam To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001291634.IAA36101>