How to log dns zone transfers? Ubuntu 8.04.1 & Bind 9.4.2

Posted on 2008-10-15
Last Modified: 2013-12-06
I'm asking how can I log the zone transfers to a separate log file? What I'm wanting to do is to determine the status of zone transfers, either success or failure, in a log file. If I can't log the zone transfers to a separate log file, how can I determine the success or failure of the zone transfers in a log file? We maintain the master, an outside vendor maintains the slaves.

Also, I'm using the default Ubuntu setup with the three files named.conf, named.conf.local, and named.conf.options. In the named.conf.options file there's a paragraph that states if you're using a firewall between you and the nameservers you want to talk to, then you might need to uncomment the line
query-source address * port 53;
I do have a firewall between the master and the slaves. Will I need to uncomment this line?
Question by: Westez
5 Comments

Expert Comment

by: chingmd
ID: 22728331
Here is an article about monitoring the dns log for the zone transfers.  
http://lists.virus.org/vuln-dev-0206/msg00157.html

And yes you need to open port 53 for dns.

udp port 53 for queries
tcp port 53 for zone transfers

Author Comment

by: Westez
ID: 22731191
>>And yes you need to open port 53 for dns.
So your saying the line in named.conf.options should be uncommented?
If your talking about the firewall, they're already open.

The article doesn't bring anything new to the table that I don't already know. Sorry if I wasn't clear.
I'm asking for syntax: how can I log the zone transfers to a separate log file?
Something like:
logging {
   channel audit_log {
      file "/var/bind/named.log";
      severity debug;
      print-time yes;
   };
};

I'm unsure of things such as whether the file named.log has to be created first, or if it will be created on the fly.

Accepted Solution

by: chingmd (earned 2000 total points)
ID: 22732005
The named.conf line is for if you want to change the port from the default. It's not required to uncomment it.

Ok, I understand a bit better.

Logging named to a log, and if possible logging zone transfers to a different log. I believe so.
http://www.ludd.luth.se/~kavli/BIND8/logging.html

So, without a named daemon available to me (so untested):

logging {
   channel zone-xfers {
      file "/var/log/named/zone-xfers" versions 3 size 20m;
      print-time yes;
      print-severity yes;   // "print-host" is not a channel option in BIND 9; severity is what tells success from error
      print-category yes;
   };
   channel default {
      file "/var/log/named/named.log" versions 3 size 20m;
      print-time yes;
      print-severity yes;
   };

   // every category statement and its channel list end with a semicolon
   category xfer-out { zone-xfers; };
   category xfer-in { zone-xfers; };
   category default { default; };
};


Expert Comment

by: chingmd
ID: 22732018
Oops..  Strike that last portion at the bottom, it's a repeat of above information.

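The zone-xfers channel in the accepted solution gives you a file to read; the other half of the question was how to tell success from failure in it. The script below is an added example, not code from this thread or from BIND, that reads such a file and reports, per zone and per peer, how many transfers ended cleanly, how many failed, and which ones started but never finished (a stalled or dropped AXFR). The sample lines are constructed here in the shape BIND 9 writes when print-time, print-category and print-severity are enabled (the severity field is optional to the parser). The message wording follows BIND 9's xfer-out and xfer-in messages, but treat the exact phrasing as an assumption and compare it with your own named log before relying on the classification.

```python
import re
import sys
from collections import defaultdict

# Constructed sample lines (not from the original thread) in the shape BIND 9
# writes to a file channel with "print-time yes; print-category yes; print-severity yes;":
#   <dd-Mon-yyyy hh:mm:ss.mmm> <category>: <severity>: <message>
# Message wording follows BIND 9's xfer-out / xfer-in messages; treat it as an
# assumption and check it against a real /var/log/named/zone-xfers file.
SAMPLE_LOG = """\
15-Oct-2008 09:12:01.412 xfer-out: info: client 192.0.2.10#52144: transfer of 'example.com/IN': AXFR started
15-Oct-2008 09:12:01.537 xfer-out: info: client 192.0.2.10#52144: transfer of 'example.com/IN': AXFR ended
15-Oct-2008 09:40:22.003 xfer-out: info: client 192.0.2.11#40012: transfer of 'example.com/IN': IXFR started
15-Oct-2008 09:40:22.119 xfer-out: info: client 192.0.2.11#40012: transfer of 'example.com/IN': IXFR ended
15-Oct-2008 10:05:45.880 xfer-out: info: client 203.0.113.7#33001: transfer of 'example.com/IN': AXFR started
15-Oct-2008 10:05:46.001 xfer-out: error: client 203.0.113.7#33001: transfer of 'example.com/IN': send: connection reset
15-Oct-2008 10:30:00.000 xfer-out: info: client 198.51.100.5#1234: transfer of 'example.com/IN': AXFR started
15-Oct-2008 11:00:00.120 xfer-in: info: transfer of 'internal.example/IN' from 192.0.2.1#53: connected using 192.0.2.2#47110
15-Oct-2008 11:00:00.345 xfer-in: info: transfer of 'internal.example/IN' from 192.0.2.1#53: Transfer completed: 1 messages, 14 records, 512 bytes, 0.2 secs (2560 bytes/sec)
15-Oct-2008 11:30:00.000 xfer-in: error: transfer of 'internal.example/IN' from 192.0.2.1#53: failed to connect: connection refused
"""

# "<time> <category>: [<severity>: ]<message>"; the severity field is optional so the
# parser also accepts a channel that has only print-time and print-category set.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) (?P<cat>[\w-]+): "
    r"(?:(?P<sev>\w+): )?(?P<msg>.*)$"
)
# Outbound transfers (this master serving a slave).
OUT_RE = re.compile(r"^client (?P<peer>[^#\s]+)#\d+: transfer of '(?P<zone>[^']+)': (?P<what>.*)$")
# Inbound transfers (this server acting as a slave).
IN_RE = re.compile(r"^transfer of '(?P<zone>[^']+)' from (?P<peer>[^#\s]+)#\d+: (?P<what>.*)$")


def parse_line(raw):
    """Return (category, zone, peer, message tail) for an xfer line, or None for anything else."""
    m = LINE_RE.match(raw.strip())
    if not m:
        return None
    cat, msg = m.group("cat"), m.group("msg")
    body = OUT_RE.match(msg) if cat == "xfer-out" else IN_RE.match(msg) if cat == "xfer-in" else None
    if not body:
        return None
    return cat, body.group("zone"), body.group("peer"), body.group("what")


def classify(cat, what):
    """Map the message tail to 'started', 'success', 'failure', or None for progress noise."""
    w = what.lower()
    if cat == "xfer-out":
        if w.endswith("started"):
            return "started"
        if w.endswith("ended"):
            return "success"
        return "failure"          # anything else after "transfer of ...:" is a send/abort error
    if cat == "xfer-in":
        if w.startswith("connected"):
            return None           # connection progress, not an outcome
        if w.startswith("transfer completed"):
            return "success"
        return "failure"          # refused, timed out, failed to connect, ...
    return None


def summarize(lines):
    """Return (counts, failure_lines, unfinished) where counts maps (cat, zone, peer) to
    {'success': n, 'failure': n} and unfinished lists transfers that started but never ended."""
    counts = defaultdict(lambda: {"success": 0, "failure": 0})
    failures, in_progress = [], set()
    for raw in lines:
        parsed = parse_line(raw)
        if parsed is None:
            continue
        cat, zone, peer, what = parsed
        key, outcome = (cat, zone, peer), classify(cat, what)
        if outcome == "started":
            in_progress.add(key)
        elif outcome in ("success", "failure"):
            in_progress.discard(key)
            counts[key][outcome] += 1
            if outcome == "failure":
                failures.append(raw.strip())
    return dict(counts), failures, sorted(in_progress)


def format_report(counts, failures, unfinished):
    """Render the summary as plain text, one line per (category, zone, peer)."""
    out = [f"{cat:9} {zone:25} {peer:16} ok={c['success']} failed={c['failure']}"
           for (cat, zone, peer), c in sorted(counts.items())]
    out += [f"UNFINISHED {cat} {zone} {peer}" for cat, zone, peer in unfinished]
    out += ["FAILURE " + line for line in failures]
    return "\n".join(out)


if __name__ == "__main__":
    # Usage: python3 xfer_report.py /var/log/named/zone-xfers   (no argument: the constructed sample)
    source = open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_LOG.splitlines()
    print(format_report(*summarize(source)))
```

Two things to check before trusting the output against a live server. The logging statement is a top-level statement, so on the Ubuntu layout it belongs in named.conf.local (or its own included file), not inside the options block in named.conf.options; run named-checkconf before reloading, and make sure /var/log/named exists and is writable by the user named runs as (BIND creates the file itself, and on Ubuntu the AppArmor profile for named must also permit writing there). Also, a slave that is refused a transfer by allow-transfer is logged by the master under the security category ("zone transfer ... denied"), not xfer-out, so add `category security { zone-xfers; };` if those events should land in the same file.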

Author Comment

by: Westez
ID: 22734472
Thanks, this is what I was asking / seeking confirmation for.