log file full of t-syr.com record!

Giobbi Piero piero at news.fb.se
Tue Jul 3 13:46:48 UTC 2007 

I love ur special talents.. : )

Run named with: named -d 4 -f

Then u see more in  the log whats causing this, it seems some program  
is calling locally do do queries?

p

On 3 jul 2007, at 14.44, Vishwas wrote:

> Hi All,
> My BIND log is full of following entries.
>
> 03-Jul-2007 20:10:48.352 queries: info: client 127.0.0.1#38736: query:
> t-syr.com IN A +
> 03-Jul-2007 20:10:51.760 queries: info: client 127.0.0.1#38736: query:
> 164.80.32.60.in-addr.arpa IN PTR +
> 03-Jul-2007 20:10:51.761 queries: info: client 127.0.0.1#38736: query:
> t-syr.com IN A +
> 03-Jul-2007 20:10:52.041 queries: info: client 127.0.0.1#38736: query:
> 164.80.32.60.in-addr.arpa IN PTR +
> 03-Jul-2007 20:10:52.042 queries: info: client 127.0.0.1#38736: query:
> t-syr.com IN A +
> 03-Jul-2007 20:10:55.239 queries: info: client 127.0.0.1#38736: query:
> 164.80.32.60.in-addr.arpa IN PTR +
> 03-Jul-2007 20:10:55.241 queries: info: client 127.0.0.1#38736: query:
> t-syr.com IN A +
> 03-Jul-2007 20:10:55.247 queries: info: client 127.0.0.1#38736: query:
> 164.80.32.60.in-addr.arpa IN PTR +
> 03-Jul-2007 20:10:55.249 queries: info: client 127.0.0.1#38736: query:
> t-syr.com IN A +
> 03-Jul-2007 20:10:58.620 queries: info: client 127.0.0.1#38736: query:
> 164.80.32.60.in-addr.arpa IN PTR +
> 03-Jul-2007 20:10:58.621 queries: info: client 127.0.0.1#38737: query:
> 164.80.32.60.in-addr.arpa IN PTR +
> 03-Jul-2007 20:10:58.622 queries: info: client 127.0.0.1#38738: query:
> t-syr.com IN A +
> 03-Jul-2007 20:10:58.624 queries: info: client 127.0.0.1#38739: query:
> t-syr.com IN A +
>
>
> The port numbers 387** are opened by user "bind".
> This is giving me a feeling that may be my machine is compromised!?
> Why should BIND daemon continuously ask for t-syr.com ?? Probably
> these DNS query packets are spoofed packets. Any comments?
>
>
>
> -- 
> Best Regards,
> Vishwas.
> ivishwas.googlepages.com
>
> I know quite certainly that I myself have no special talent;
> curiosity, obsession and dogged endurance, combined with
> self-criticism have brought me to my ideas. - Albert Einstein
>
>

More information about the bind-users mailing list