[SURBL-Discuss] Possible SURBL DNS poisoning attempt

Doc Schneider maddoc at maddoc.net
Thu Nov 18 11:31:01 CET 2004


Nov 18 03:01:13 dns named[22511]: denied recursion for query from 
[24.14.194.168].137 for TRESPASSERS IN
Nov 18 03:01:15 dns named[22511]: denied recursion for query from 
[24.14.194.168].137 for TRESPASSERS IN

Just a headsup. I'm seeing these in my name server logs... obviously it 
isn't working on my server. Meaning this (comcast) virused machine is 
trying to (appears to be) injecting some type of data into my named 
(bind) server.

Also am still getting a whole whale of surbl queries to the wrong IP/DNS 
server here. In other words servers are trying to get surbl returns from 
my bind server and not my rbldnsd server.

-Doc


More information about the Discuss mailing list