On 3/13/2014 4:17 AM, John R Pierce wrote:
> ... 10-20MB daily logs of
> client 10.191.192.212 query (cache) 'm.777.liyuanxi.com/A/IN' denied: 1 Time(s)
> client 10.192.34.96 query (cache) 'dyjwntl.www.0411gogo.com/A/IN' denied: 1 Time(s)
> client 10.192.43.105 query (cache) 'doitxwx.777.liyuanxi.com/A/IN' denied: 1 Time(s)
> client 10.192.90.161 query (cache) 'v.www.90uc.com/A/IN' denied: 1 Time(s)
ok, let me rephrase this question.
how do I stop named (bind97 from CentOS 5.10) from logging those
specific events at all? there were 1.2 million of these yesterday.
no, fail2ban won't work,. no 2 came from the same IP. afaik, these are
attempts at cache poisoning, which I've disabled.
--
john r pierce 37N 122W
somewhere on the middle of the left coast
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
