CentOS +Bind (possible Server Atack)

Posted on 2014-08-07
Last Modified: 2014-08-07

Got a tweet to say my web server was down this morning, the VPS shows the server as down so I hit the power and it was back up quickly.

I had a dig thought the logs (I'm not a *nix expert so bear with me) the /var/log/messages were full of these...

Aug  7 03:51:52 MY-HOSTNAME named[490]: error (unexpected RCODE REFUSED) resolving '':

Looks like some kind of attack? What's do I need to change or add to my BIND server to mitigate this?
Question by:Pete Long
    LVL 57

    Author Comment

    by:Pete Long
    Some reading makes me think I've been used in a DNS amplification attack because my DNS server has recursion enabled.

    LVL 57

    Author Comment

    by:Pete Long
    BIND recursion disabled an tested - I will post full instructions shortly...............

    LVL 57

    Accepted Solution


    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Join & Write a Comment

    Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
    Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
    Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
    Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now