[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] attackalert: Unknown Type

Subject: [cobalt-security] attackalert: Unknown Type
From: "Dean Hall" <dean@xxxxxxxxx>
Date: Fri, 22 Jun 2001 09:49:57 -0700
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

>
> I got a 3-4 like this, another strange thing in the log that day
> was alot of
> zone transfers to a ip not defined in my network setings! That should not
> happen..and what is an host belgium want with .no domain name info??
>
> Jun 20 14:51:15 www named[555]: approved AXFR from
> [212.68.195.60].2356 for
> "cats.no"
> Jun 20 14:51:15 www named[555]: zone transfer (AXFR) of "cats.no" (IN) to
> [212.68.195.60].2356

The GUI setup of the DNS service, by default, allows anyone to do a zone
transfer from your DNS server.  To change this use the GUI.
Control Panel ==> services ==> DNS service parameters ==>add==>server
settings
In the Zone Transfer Access, enter the IP address of your secondary dns
server.  That way only that system could request a zone transfer.

----
Dean Hall at Tactix ReEngineering ( dean@xxxxxxxxxx )
503 520-9699  http://www.tactix.com

Follow-Ups:
- SV: [cobalt-security] attackalert: Unknown Type
  - From: Kai Schantz, Euroweb

References:
- SV: [cobalt-security] attackalert: Unknown Type
  - From: Kai Schantz, Euroweb

Prev by Date: Re: [cobalt-security] kernel: VM: do_try_to_free_pages failed for ... ?
Next by Date: SV: [cobalt-security] attackalert: Unknown Type
Previous by thread: SV: [cobalt-security] attackalert: Unknown Type
Next by thread: SV: [cobalt-security] attackalert: Unknown Type

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index