Home > Dns Error > Dns Error Sending Response Host Unreachable

Dns Error Sending Response Host Unreachable

A few threads elsewhere suggest adding "query source" option in named i.e query-source address * port 53; which would allow simplier firewall configuration? Regards, On 12 March 2012 18:00, Chuck Swiger wrote: > On Mar 12, 2012, at 8:09 AM, Romgo wrote: > > Dear community, > > > > I Stay logged in Log in with Facebook Log in with Twitter Toggle navigation Products Plans & Pricing Partners Support Resources Preview Forums Forums Quick Links Search Forums New Posts Search titles You are currently viewing LQ as a guest. have a peek at these guys

Introduction to Linux - A Hands on Guide This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started Follow this article on DNS server hardening. C. I had a jail: JID IP Address Hostname Path 36 10.55.0.117 ansible-test /usr/jails/ansible-test The jail was largely unused.

Page 1 of 2 1 2 Next > NoAgendas Guest No sites are loading and ALL OF A SUDDEN server stats in whm shows a few services instead of all the S 06:28 0:00 cppop - serving 200.21.159.154 - AUTHORIZATION root 606 0.0 0.1 13676 5732 ? C program run. Is there a way to completely drop these requests to begin with?

Results 1 to 9 of 9 Thread: NAMED attack - spoofed IP's Tweet Thread Tools Show Printable Version Subscribe to this Thread… Search Thread Advanced Search Display Linear Mode Switch Useful Searches Recent Posts Resources Resources Quick Links Search Resources Most Active Authors Latest Reviews Feature Requests Defects Menu Log in Sign up The Community Forums Interact with an entire community After you install the package, set it up to block hosts that send more than 15 pps to port 53, like so: phreld -p 53 -T 15:0 share|improve this answer edited Are you new to LinuxQuestions.org?

Any help? Newer Than: Search this thread only Search this forum only Display results as threads More... rebooted the whole server Running out of ideas? Believe it or not, I just remembered that about 20 minutes ago.

What recommend APF config would you suggest? Attempting to find the source, I started a tcpdump on the host: $ sudo tcpdump -ni em0 host 10.55.0.117 Password: tcpdump: verbose output suppressed, use -v or -vv for full protocol Search this Thread 03-04-2014, 02:55 PM #1 rootaccess Member Registered: Mar 2012 Posts: 211 Rep: Help with named - error sending response: host unreachable I am getting flooded by User #58479 4021 posts macmanluke Whirlpool Forums Addict reference: whrl.pl/RdKbFm posted 2013-Oct-16, 11:06 am ref: whrl.pl/RdKbFm posted 2013-Oct-16, 11:06 am O.P.

I do not know why. #1 NoAgendas, Aug 17, 2006 Last edited by a moderator: Aug 17, 2006 NoAgendas Guest Cpanel loads EXTREMELY SLOW (while the most minimal cpu/memory usage http://forum.directadmin.com/showthread.php?t=15730 Jeff +1 951 643-5345 Third-Party DirectAdmin administration and support Dedicated Servers, Dedicated Reseller Accounts NoBaloney Internet Services div. Why does the ISS track appear to be sinusoidal? Will try a restart and looking at messages but so far nothing in the logs from days ago.

more hot questions question feed about us tour help blog chat data legal privacy policy work here advertising info mobile contact us feedback Technology Life / Arts Culture / Recreation Science I even have to chmod 1777 /tmp after a reboot (every time) or else mysql/exmstats fail." Others have this problem as well, mentioned on this forum #3 NoAgendas, Aug 17, I don't use either of these for several reasons: 1) I test all firewall rules by trying to log in once I restart the firewall, before I close the ssh connection The reason was somebody doing  was flooding the dns packets with spoofed ips, which comonly known as ‘reflection attack' where the attacker spoof dns requests with forged IPs.

SNs 01:00 0:00 /usr/bin/perl /scripts/cpbackup root 17635 0.0 0.0 1484 444 ? S 06:27 0:00 cppop - serving 200.21.159.154 - AUTHORIZATION root 507 0.0 0.1 13676 5732 ? Please read our faq in particular May I promote products or websites I am affiliated with here?. –Hangin on in quiet desperation Dec 14 '12 at 8:34 add a comment| Your How can I stop this?

current community blog chat Server Fault Meta Server Fault your communities Sign up or log in to customize your list. I think you missed my last question as you responded at the same time. Similar Threads - error sending response Warning: Error while sending QUERY packet.

Code: [email protected] [/tmp]# ps aux | grep cp root 15 0.0 0.0 0 0 ?

Strange that it is not there by defaultClick to expand... All rights reserved. Recursion is set to off, I had massive requests and I realized recursion was not set to no in my external views so that cleared up that problem. In response to the first reply: The issue with this really is that tcpdump doesn't show any problems.

Jon Reply With Quote 11-06-2006,04:08 PM #2 xemaps View Profile View Forum Posts Verified User Join Date Apr 2006 Location Europe Posts 430 is that really a problem ? Good call What about this? "I cannot view any sites. Stay logged in Toggle Width Home Contact Us Help Terms and Rules Privacy Policy Top Company About Us Our Leadership Giving Back Contact Become a Partner Careers Products cPanel Features WHM Don't play with it unless you know what you're doing.

I want these people to stop whatever it is they are doing to trigger this event that is then logged.. error sending response: host unreachable Discussion in 'General Discussion' started by NoAgendas, Aug 17, 2006. Hope this helps! I tailed /var/log/messages and it was strolling these lines for example: Aug 17 00:21:11 server named[24214]: zone client1.co.uk/IN: loaded serial 2006040801 Aug 17 00:21:11 server named[24214]: zone client2-net.co.uk/IN: loaded serial 2006040807

http://www.darkreading.com/attacks-b...in-r/240151862 smallpond View Public Profile View LQ Blog View Review Entries View HCL Entries View LQ Wiki Contributions Find More Posts by smallpond 03-04-2014, 03:21 PM #3 rootaccess Member Thanks for pointing out my typo; I've fixed it. The clients are all the same, about 10-12 clients trying to use my dns to attack others. You may have to register before you can post: click the register link above to proceed.

Reply With Quote 0 10-15-2013,11:55 AM #6 LP560 View Profile View Forum Posts View Forum Threads Visit Homepage Web Hosting Master Join Date Apr 2005 Location Tinterweb Posts 555 Thanks #7 NoAgendas, Aug 17, 2006 NoAgendas Guest Chirpy where are you my friend? :D #8 NoAgendas, Aug 18, 2006 chirpy Well-Known Member Joined: Jun 15, 2002 Messages: 13,475 Blocked out a heap of those ips for now. Powered by vBulletin Version 4.2.3 Copyright © 2016 vBulletin Solutions, Inc.