Bugtraq mailing list archives
Outdated DNS and syslog
From: hey_you () POWERTRIP NET (Aaron Schultz)
Date: Fri, 7 Nov 1997 11:25:58 -0800
Many large ISPs such as iadfw.net are still pointing their nameservers at cache servers that apparently are pointed at other cache servers and so on. If you are one of the people doing this you are in danger of not being able to correctly identify and go after anyone who may attampt to hack your system. Besides being a DNS issue this is a syslog issue since most versions of syslog auto-lookup domain information and logs that instead of the IP. I believe that there are probably patches for syslog to log both IP and DNS lookups or just the IP, but the other solution is going to a root DNS server for lookups - this way your data in your syslog will be updated with who is REALLY connecting to your system instead of outdated cache data. Perhaps the syslog deal isn't a true bug, but it is definately something that should be thought about since most administrators depend on those log files to see who is attempting to connect. ================================================================= Aaron Schultz - hey_you () powertrip net - www.powertrip.net/~master In a world without fences, who needs Gates? =================================================================
Current thread:
- Re: Intel Pentium Bug, (continued)
- Re: Intel Pentium Bug Travis Hassloch (Nov 11)
- Re: WARNING: Linux Intel Pentium Bug Alan Cox (Nov 08)
- Re: WARNING: Linux Intel Pentium Bug Roger Espel Llima (Nov 09)
- solaris (fwd) Rob Hagopian (Nov 09)
- Re: solaris (fwd) Corey Lindsly (Nov 09)
- Re: solaris (fwd) James Lockwood (Nov 09)
- Re: solaris (fwd) Dalvenjah FoxFire (Nov 09)
- Re: WARNING: Linux Intel Pentium Bug Kurt Seifried (Nov 07)
- Re: WARNING: Linux Intel Pentium Bug Tim Newsham (Nov 07)
- Re: WARNING: Linux Intel Pentium Bug Alan Cox (Nov 08)
- Outdated DNS and syslog Aaron Schultz (Nov 07)