Well-Known Member
Jul 4, 2002
Atlanta, GA
I keep getting the following line in my error logs (obviously date/time etc. chages):

Oct 5 04:30:55 host1 named[959]: client 64.172.xx.xxx#7054: update 'domain.com/IN' denied

I've traced the IP to a DSL connection on the west coast. The owner of the domain is on the east coast. and has no idea why someone would be attempting to update his DNS information. Does anyone have any idea? This happens all day/night long each and every day.

I would try blocking the IP, but it changes every couple of days (most likely just a DHCP lease expiration).

It only happens against one specific domain.