Solved

Disable DNS Lookup

Posted on 2008-10-19
3
1,659 Views
Last Modified: 2013-12-16
Hi,

I am using vsftpd & experience high tarffic on udp port 53 which is DNS, I beleive this is when a log is writen to audit.log by the vsftpd. When i stop teh ftp server there is no more DNS traffic.
How can i disable the DNS lookup ? ther is no option through vsftpd & its not the syslog.
Can either be the PAM or some other OS options,

Danny
0
Comment
Question by:wefi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 3

Assisted Solution

by:leonjs
leonjs earned 200 total points
ID: 22753076
Quick question, are you running vsftpd on the inside network? Is it communicating with other machines in the inside network or is it communicating with machines outside the network.

If vsftpd is doing transactions with machines outside the network we can put a statement in the firewall to not all this kind of traffic from that host.

If the traffic is inside the network only in most cases it will never hit the firewall and you can make a similar change to your switches.

I am not familiar with vsftpd to say whether or not it has settings in the conf file for dns but i do think you could take out the nameservers in /etc/resolv.conf then this traffic will not be a issue anymore, assuiming this machine does not need dns at all.
0
 

Accepted Solution

by:
wefi earned 0 total points
ID: 22753108
Commenting out is a nic eworkaround which i can use but i was thinking there is a way to stop this.
I would need resolving at some point.

0
 

Author Comment

by:wefi
ID: 22753170
h
0

Featured Post

Tutorials alone can't teach real engineering

So we built better training tools.

-Hands-on Labs
-Instructor Mentoring
-Scenario-Based Tests
-Dedicated Cloud Servers

All at your fingertips. What are you waiting for?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question