How to know if someone is trying to access Server DNS unauthorizedly?

Asked By jersey hidalgo 20 points N/A Posted on - 03/13/2012

It's a big problem when someone will try to access the Server DNS unathorizedly.

How will I know if someone is accessing it without permission?

• Status: Open
• Question Views: 970
• Answer Count: 1
• Vote Up 0 Vote Down

• Answer Accepted: No
• Question Category: Network Security

Answered By Pallasigue Stabins 0 points N/A #103295

How to know if someone is trying to access Server DNS unauthorizedly?

There are few ways to find out that someone is accessing your DNS server. These are provided below:

1. who or w command will not work. It can be because the intruders removes var/log/wtmp file that is why you failed to see who is working.

2. The function of log doesn't work

a. /var/log/messages

b. /var/log/syslog

/etc/syslog.conf file was replaced.

3.Zlib library would be replaced

4. Tasks were most probably removed from cron and the task: * * * * * /usr/games/.bash/update >/dev/null 2>&1 was launched

 

About Pallasigue Stabins

Questions
1

Answers
63

Best Answers
26

• Vote Up 0 Vote Down

• Posted on - 03/13/2012
• Question Category: Network Security