From owner-freebsd-security Sat Jan 29 8:42:49 2000 Delivered-To: freebsd-security@freebsd.org Received: from quaggy.ursine.com (lambda.blueneptune.com [209.133.45.179]) by hub.freebsd.org (Postfix) with ESMTP id 52FB714A17 for ; Sat, 29 Jan 2000 08:42:47 -0800 (PST) (envelope-from fbsd-security@ursine.com) Received: from michael (lambda.ursine.com [209.133.45.69]) by quaggy.ursine.com (8.9.3/8.9.3) with ESMTP id IAA79733 for ; Sat, 29 Jan 2000 08:42:46 -0800 (PST) Message-ID: <200001290842460680.22E3EFC9@quaggy.ursine.com> In-Reply-To: <200001291634.IAA36101@floozy.zytek.com> References: <200001291634.IAA36101@floozy.zytek.com> X-Mailer: Calypso Version 3.00.00.13 (2) Date: Sat, 29 Jan 2000 08:42:46 -0800 From: "Michael Bryan" To: freebsd-security@FreeBSD.ORG Subject: Re: Continual DNS requests from mysterious IP Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 1/29/00 at 8:34 AM Samara McCord wrote: >But this also brings up my other >point. Correct me if I'm wrong, but my DNS servers shouldn't ever have >to deliver the MX records for aol.com (or any domain for which I don't >serve), except to my own internal machines and for my own customers,= right? If somebody has manually setup their system to use you as a DNS resolver, then you will get packets for any and all DNS requests they make, no matter where they are on the Internet. Not a very smart way to do things, mind you, but I've seen it before, usually from customers of mine who moved a computer from work or another ISP and kept their old DNS settings. I don't think that's what's going on in your case, though... -- Michael Bryan fbsd-security@ursine.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message