[GLLUG] Failing DNS queries

Andy Smith andy at bitfolk.com
Sat Jan 9 01:42:54 UTC 2021


On Sat, Jan 09, 2021 at 12:59:17AM +0000, Tim Woodall via GLLUG wrote:
>     359 (.): view external: query failed (REFUSED) for ./IN/ANY at ../../../bin/named/query.c:7144

> is this some sort of DNS amplification that I've not heard of

Probably not. They are probably looking for open resolvers to use in
DNS amplification DDoS attacks.

> and do I need to do something different?

I'd firewall it off (with a DROP) except for networks that are
supposed to be using it, and not bother looking at the logs unless
it became problematic levels of traffic.


https://bitfolk.com/ -- No-nonsense VPS hosting

More information about the GLLUG mailing list