[BIND 8.3.1] 192.0.32.18/19 what's it's exact duty?
Joaquin J. Domens
jdomens at corp.terra.es
Mon Mar 4 16:30:56 UTC 2002
Hi,
I've been analizyng packets on our dns's systems and I've found lots and
lots of packets from our dns's to this ip's
Example:
dns3.terra.com -> 192.0.32.18 DNS C port=62571
dns3.terra.com -> 192.0.32.18 DNS C port=62571
dns3.terra.com -> 192.0.32.18 DNS C port=62571
People here were afraid of an attack or something like this ......
After looking for some information I've seen these are Domain System
inverse mapping provided by:
| BLACKHOLE-1.IANA.ORG 192.0.32.18
| BLACKHOLE-2.IANA.ORG 192.0.32.19
As I see understand these are some kind of "root servers" for inverse
mapping ..........my question is:
What is the exact meaning of sending queries to this ip's ?¿?¿?¿
Are inverse mappings that or dns haven't configured locally ?¿?¿?
It's a normal issue ?¿?¿? may be it can be due other isp's wrong
inverses's ¿?¿?
I'm worried about this because it's happening in dns's specific for
clients.
All our inverse mapping and stuff for internal working are on other
machines and they register less packets to the blackhole's than this
machine .......
Sorry for my english, but hope I've described it clear ..........
Cheers
PS: this machines are in an ISP's production environment.
--
--------------------------------------------------
Joaquin J. Domens
Área de Tecnología
Departamento de Producción / Aplicaciones
--------------------------------------------------
Terra Networks España S.A.
Julián Camarillo, 6
28037 Madrid, España
Tel. (34) 91-375 2384 Fax (34) 91-375 2320
joaquin.domens at corp.terra.es
--------------------------------------------------
Mercado Continuo: TRR | Nasdaq: TRLY
--------------------------------------------------
http://www.terra.es
--------------------------------------------------
More information about the bind-users
mailing list