Am Mi, den 08.06.2005 schrieb Jim Christiansen um 16:55: > Hello, My ISP provider has reported back to me that they have logged > suspicious traffic on my DNS box. Here is a clip that shows what they have > recorded... > > If I lock down all but udp 53 with iptables will my DNS still work?? > > What the heck is this?? Thanks for any ideas.. Jim > > 2005-04-26/09:57:14 2005-04-26/09:57:59 142.26.181.85 6-tcp 45179 > 24.150.56.151 6346 5 300 CANADA Not clear to me where your DNS host is located and what else it does. Can it be that you are running P2P in your net which uses the DNS host? If not intended, then find the bad install. Maybe you are trojaned. DNS uses both UDP and TCP port 53. Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.27_FC2smp Serendipity 17:13:30 up 15 days, 15:51, load average: 0.10, 0.10, 0.06
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
