"Fragment Flags Invalid"
Mark Andrews
Mark_Andrews at isc.org
Tue Feb 3 10:17:39 UTC 2009
In message <WorldClient-F200902031224.AA24200048 at dci.ir>, "Bind" writes:
>
> I installed a fresh installation of Solaris 10 on a SPARC machine with the latest
> bind v9,
"latest bind v9" is imprecise. Is that Sun's latest or
ISC's latest and which one of the 4 versions we just released
are you referring to?
> This server is behind the hardware firewall (policy from out to in is
> udp53 & from in to out is any).
> But my Cisco IDS always announces this alarm from my server to other
> external clients or servers:
>
> "Fragment Flags Invalid"
Talk to CISCO. It's their software and they should be able
to explain this to you.
> Src Address Dst Address Signature Name
> 192.168.1.1 x.x.x.x Fragment Flags Invalid
> Here is my named.conf:
> options {
>     version "version not currently available";
>     pid-file ".../run/named.pid";
>     directory ".../named/namedb";
>     dump-file ".../named.dump";
>     recursive-clients 10000;
>     statistics-file "..../namedb/statistics";
>     tcp-clients 1000;
>     allow-recursion {
>         any;
>     };
> };
>
> logging {
>     channel simple_log {
>         file "/var/adm/named/bind.log" versions 3 size 50m;
>         print-category yes;
>         print-severity yes;
>         print-time yes;
>         severity warning;
>     };
>     category default {
>         simple_log;
>     };
> };
>
> key "rndc-key" {
>     algorithm ,,,,,,,,,;
>     secret "************";
> };
>
> controls {
>     inet 127.0.0.1 port 953
>         allow { 127.0.0.1; } keys { "rndc-key"; };
> };
> Does anybody have an idea about this alarm? Can I fix this error by tuning
> bind?
> Regards
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org