Hi =)
This was in my logs:
Feb 22 21:12:41 arcane named[2342]: denied AXFR from [205.166.226.38].4781
for "atfantasy.com" (acl)
After searching the archives and reading a message from Ramon (copied
below), I'm a little curious. Is it still safe to ignore this log
entry? Also, why would having a list of the machines in my domain be
helpful to companies trying to market and advertise stuff?
Thanks =)
-Ed
----------------------
There may be nothing amiss. It will give you that report whether the AXFR
succeeded or not. I discovered this. One way to test is from telnet from a
box on your hosts.deny list.
You will see the connection flagged, but there is no way to determine if it
succeeded from the logs. Of course, from the telnet box you can see that
you were dumped.
It is poor logging: it would be much more meaningful if the entry read
something like: "attempted AXFR denied". By the way, what this is...its
marketing companies, and spammers trying to get your DNS database so they
can market and advertise stuff. They use automatic DNS fetchers to do that.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
