[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] named: denied update log entires
- Subject: [cobalt-security] named: denied update log entires
- From: "Dave" <maxdoubt@xxxxxx>
- Date: Wed, 19 Dec 2001 21:26:41 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Happy Holidays all :)
I've been getting the below message for a couple of days now and just looking
for a little insight. I do the DNS and, as you can see, the *denied update*
shows it's the correct version of bind on my Raq3. I have added the offending
IP to hosts.allow, did a */etc/rc.d/init.d/inet restart* then added the IP to
the route table.
No, I'm not using IPChains yet but I am close to installing as I feel I
understand the rules better now (collocated). So, short of not being able to
IPChain him, are there any *other* options or things I can do? Is this
harmless so I can add to logcheck.ignore?
Security Violations
=-=-=-=-=-=-=-=-=-=
Dec 19 20:34:01 ns named[352]: denied update from [61.175.130.201].7332 for
"siteonmyraq.com"
Dec 19 20:34:05 ns named[352]: denied update from [61.175.130.201].7335 for
"siteonmyraq.com"
Dec 19 20:34:08 ns named[352]: denied update from [61.175.130.201].7338 for
"siteonmyraq.com"
and goes on and on......
Thanks for everyone's help,
Dave~