1 |
fire-eyes wrote: |
2 |
> On my small server I am seeing a sudden inrush of requests to named like tihs. |
3 |
> Of particular intrest is _domainkey. A quick google search didn't really |
4 |
> explain why I am seeing so much of this, it's been going on almost |
5 |
> continuously for 20 minutes. |
6 |
> |
7 |
> So, anyone recognize this stuff? |
8 |
> |
9 |
Well, this "stuff", as you call it, is just normal DNS queries - but |
10 |
more of them than you usually get, as you noted. |
11 |
One or two per second is nothing to worry about, and would not be |
12 |
considered a DoS attack even if you were on a 56K link... |
13 |
|
14 |
The _domainkey queries are experimental, or from people who already |
15 |
implement SPF and Yahoo's scheme for it. |
16 |
That was 10 seconds of Google, by the way ;-) |
17 |
|
18 |
If you really want to know what is happening, you need to log DNS |
19 |
requests and replies. |
20 |
Then you can see what information is exchanged, and lookup where they |
21 |
come from. |
22 |
|
23 |
J |
24 |
|
25 |
-- |
26 |
gentoo-server@g.o mailing list |