[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87bri62g4u.fsf@blackbox.babasse.net>
From: plonk-o-matic at teaser.fr (Cyril Guibourg)
Subject: Question for DNS pros
Paul Schmehl <pauls@...allas.edu> writes:
> What I want to know is *why* do these "foreign" hosts think an IP on
> my network is serving DNS when there's not even a host at that address.
>
> I can think of two possibilities:
>
> 1) At some time in the past, a host *was* serving DNS at that address
> and some "foreign" hosts have cached the address.
> 2) Someone somewhere has registered a domain and used our IP address
> for one of their "nameservers" in the registration.
>
> (If anyone can think of other explanations, please let me know.)
Some bogus resolver, or forwarder, setup.
> Now how is a reverse lookup going to help you with that?
It won't.
> The best suggestion yet has been to set up a name server at that
> address with verbose logging. That's probably what I will do next
> week.
Yes, just put no zone at all and log queries. After a while, you should be
able to figure out "why" you receive these queries.
Cheers.
Powered by blists - more mailing lists