Richard Creighton wrote:
If you run a DNS server on your system you probably have been plagued with external sites trying to forward queries through your DNS server.
Nope, can't say I have. I doubt if anyone else really have. Anyway, I took a look at some of my nameserver logfiles from 2006.10.18 to 2006.11.03 - I happened to have logging active, although I normally don't. Excluding all of my own systems' queries, I have 96233 queries over that time. Not a single one for a "foreign" domain.
Because it is so effective and because a lot of SUSE users do use SSHd and DNS and experience worms and attacks, I want to document the effectiveness of fail2ban in solving the problem we face when we run those server/demons. I, for one, have my machine back!
I'm not sure what it is you have set up, but I think you may well have shot yourself in the foot. It sounds like you're rejecting perfectly legitimate queries. /Per Jessen, Zürich -- http://www.spamchek.com/ - your spam is our business. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org