How can I tell if a quiry is answered or denied
Jeff Sumner
kc4fox at gmail.com
Wed Apr 20 20:21:44 UTC 2022
From: bind-users <bind-users-bounces at lists.isc.org> on behalf of King, Harold Clyde (Hal) via bind-users <bind-users at lists.isc.org>
Date: Wednesday, April 20, 2022 at 3:29 PM
To: bind-users <bind-users at lists.isc.org>
Subject: How can I tell if a quiry is answered or denied
I'm trying to find bad actors stretching out my load on my main DNS server I can't tell from the query log if a host is denied an answer, or given an answer. Also, can I get the answer in my logs? I got one great answer today, maybe I'm pushing my luck, but I do feel lucky.
--
Hal King - hck at utk.edu
Systems Administrator
Office of Information Technology
Shared Services
The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:fe5c07f5-ef0a-4dd8-a8d0-f22481933b6b]
You can turn on answer logging:
rndc answerlog
This will log answers:
client @0x47faa158 192.168.0.6#60588 (hobbes.nmsu.edu): answer: hobbes.nmsu.edu IN A +T (192.168.0.210) -> NOERROR hobbes.nmsu.edu. 3600 A 128.123.88.139
J
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220420/87bf21f5/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Outlook-yh04s42o.png
Type: image/png
Size: 6414 bytes
Desc: Outlook-yh04s42o.png
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220420/87bf21f5/attachment-0001.png>
More information about the bind-users
mailing list