Solved

How to log dns zone transfers? Ubuntu 8.04.1 & Bind 9.4.2

Posted on 2008-10-15
5
995 Views
Last Modified: 2013-12-06
I'm asking how can I log the zone transfers to a separate log file?  What I'm wanting to do is to determine the status of zone transfers, either success or failure in a log file.  If I can't log the zone transfers to a separate log file. How can I determine the success or failure of the zone transfers in a log file?  We maintain the master, an outside vendor maintains the slaves.

Also, I'm using the default Ubuntu setup with the three files named.conf, named.conf.local, and named.conf.options. In the named.conf.options file there's a paragraph that states if your using a firewall between you and nameservers you want to talk to, then you might need to uncomment the line
query-source address* port 53;
I do have a firewall between the master and the slaves.  Will  I need to  uncomment this line?
0
Comment
Question by:Westez
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 9

Expert Comment

by:chingmd
ID: 22728331
Here is an article about monitoring the dns log for the zone transfers.  
http://lists.virus.org/vuln-dev-0206/msg00157.html

And yes you need to open port 53 for dns.

udp port 53 for queries
tcp port 53 for zone transfers
0
 

Author Comment

by:Westez
ID: 22731191
>>And yes you need to open port 53 for dns.
So your saying the line in named.conf.options should be uncommented?
If your talking about the firewall, they're already open.

The article doesn't bring anything new to the table that I don't already know. Sorry if I wasn't clear.
 I'm asking for syntax, how can I log the zone transfers to a separate log file?
Something like:
logging {
channel audit_log {
file "/var/bind/named.log";
severity debug;
print-time yes;
};

I'm unsure of things such as whether the file named.log has to be created first, or if it will be created on the fly.
0
 
LVL 9

Accepted Solution

by:
chingmd earned 500 total points
ID: 22732005
The named.conf file is if you want to change the port from default.   It's not required to uncomment it.  

Ok, I undertstand a bit better.

Logging named to a log, and if possible logging zone transfers to different log.  I beleive so.
http://www.ludd.luth.se/~kavli/BIND8/logging.html

So without a named daemon available to me:  (so un tested)

logging {
   channel zone-xfers {
      file "/var/log/named/zone-xfers" versions 3 size 20m;
      print-time yes;
      print-host yes;
      print-category yes;
   };
   channel default {
      file "/var/log/named/named.log" versions 3 size 20m;
      print-time yes;
      print-host yes;
   };
 
   category xfer-out { zone-xfers }
   category xfer-in { zone-xfers }
   category default { default }
}



channel zone-xfers {
   file "/var/log/named/zone-xfers" versions 3 size 20m;
   print-time yes;
   print-host yes;
   print-category yes;
};
0
 
LVL 9

Expert Comment

by:chingmd
ID: 22732018
Oops..  Strike that last portion at the bottom, it's a repeat of above information.

0
 

Author Comment

by:Westez
ID: 22734472
Thanks, this is what I was asking\ seeking confirmation for.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question