[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] named: denied update log entires

Subject: [cobalt-security] named: denied update log entires
From: "Dave" <maxdoubt@xxxxxx>
Date: Wed, 19 Dec 2001 21:26:41 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Happy Holidays all :)

I've been getting the below message for a couple of days now and just looking
for a little insight.  I do the DNS and, as you can see, the *denied update*
shows it's the correct version of bind on my Raq3.  I have added the offending
IP to hosts.allow, did a */etc/rc.d/init.d/inet restart* then added the IP to
the route table.

No, I'm not using IPChains yet but I am close to installing as I feel I
understand the rules better now (collocated).  So, short of not being able to
IPChain him, are there any *other* options or things I can do?  Is this
harmless so I can add to logcheck.ignore?

Security Violations
=-=-=-=-=-=-=-=-=-=
Dec 19 20:34:01 ns named[352]: denied update from [61.175.130.201].7332 for
"siteonmyraq.com"
Dec 19 20:34:05 ns named[352]: denied update from [61.175.130.201].7335 for
"siteonmyraq.com"
Dec 19 20:34:08 ns named[352]: denied update from [61.175.130.201].7338 for
"siteonmyraq.com"

and goes on and on......

Thanks for everyone's help,

Dave~

Follow-Ups:
- Re: [cobalt-security] named: denied update log entires
  - From: Nico Meijer

Prev by Date: Re: [cobalt-security] ProFTPD Bug - may lead to a security issue
Next by Date: [cobalt-security] ProFTPD Bug - may lead to a security issue
Previous by thread: [cobalt-security] ProFTPD Bug - may lead to a security issue
Next by thread: Re: [cobalt-security] named: denied update log entires

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index