[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Intermittent DNS failure or hack or what??
- Subject: [cobalt-security] Intermittent DNS failure or hack or what??
- From: "Simon Wilson" <simon@xxxxxxxxxxxxx>
- Date: Thu, 10 May 2001 15:28:56 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Apologies in advance if this isn't posted in quite the right group. I am
not sure if this a DNS problem or a security issue.
For the past two days people are intermittently unable to browse sites on
our
server. It will be ok for 30 mins then it won't work and they get 'Cannot
find
server or DNS Error' page. We have done trace routes at this time and they
are fine.
Pinging the machine is fine. The server admin browser pages always work
during
this time but not the sites. Any ideas?
We did the RaQ4-All-Security-1.0.1-10098.pkg and the
RaQ4-All-Security-1.0.1-10014.pkg
yesterday. Could it be this causing a problem?
I wonder whether we have been hacked in some form. The only suspicious
report recently
from logcheck that I don't understand was this:
May 5 02:14:16 ns1 named[376]: Lame server on '155.218.53.216.in-addr.arpa'
(in '218.53.216.in-addr.arpa'?): [216.53.130.3].53 'NS2.MPINET.NET'
Basically I don't what's going on and not surprisingly my co-location people
say that
nothing is wrong.... Help please...before a client notices.
Simon Wilson