Ashley M. Kirchner wrote:
We used to have a client that we hosted their domains on our DNS.
They have moved to a different host a while ago - like months ago.
Now suddenly, in the past 48 hours, I'm seeing a bunch of these in my
logs:
named[1920]: client 216.199.46.11#58010: query (cache)
'travelhacker.com/A/IN' denied
named[1920]: client 70.46.90.166#1064: query (cache)
'travelhacker.com/A/IN' denied
named[1920]: client 208.109.78.200#31909: query (cache)
'travelhacker.com/MX/IN' denied
named[1920]: client 38.102.229.30#32772: query (cache)
'travelhacker.com/MX/IN' denied
named[1920]: client 208.53.147.132#41941: query (cache)
'travelhacker.com/CNAME/IN' denied
named[1920]: client 70.46.90.166#1064: query (cache)
'travelhacker.com/MX/IN' denied
I have bind setup to deny recursive lookups, and it's doing what
it's supposed to do there. However, is there any harm being done
here? Should I be looking into some way to have this stopped somehow?
You may have still been listed as a name service in the root servers for
some reason or someone is using an out of date cached version of their
information. That's their problem, not yours and it probably isn't going
to do anything except suck up bandwidth.
If it isn't happening too often I wouldn't worry about it since it
should correct itself eventually.
--jc
