I know just enough about this to be dangerous. I have bind9 running on 22.04 Server. I have noticed many entries in the syslog from named such as this:
Aug 23 16:40:39 homesvr01 named[29547]: validating sync.adtelligent.com/CNAME: no valid signature found
Aug 23 16:40:39 homesvr01 named[29547]: validating sync.vertamedia.com/CNAME: no valid signature found
Aug 23 16:47:06 homesvr01 named[29547]: message repeated 3 times: [ validating sync.vertamedia.com/CNAME: no valid signature found]
Aug 23 16:47:35 homesvr01 named[29547]: validating plex.tv/A: no valid signature found
However, when I run dig on the sites logged, it returns an answer.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28686
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;plex.tv. IN A
;; ANSWER SECTION:
plex.tv. 19 IN A 52.212.244.29
plex.tv. 19 IN A 54.229.5.9
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Wed Aug 23 16:50:37 EDT 2023
;; MSG SIZE rcvd: 68
named.conf.local...
//include "/etc/bind/zones.rfc1918";
zone "bender.int" {
    type master;
    file "/etc/bind/forward.bender.int.db";
    allow-update { none; };
};
zone "71.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/reverse.bender.int.db";
    allow-update { none; };
};
named.conf.options...
acl "trusted" {
    192.168.71.0/24;
};
options {
    directory "/var/cache/bind";
    recursion yes;
    allow-recursion { trusted; };
    listen-on { 192.168.71.202; };
    allow-transfer { none; };
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
};
I'm not really sure how to proceed with this. These messages are constantly hitting my syslog. Any advice appreciated.
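For triaging entries like the ones quoted in this post, the following is an added example (not part of the original post, and not the poster's code) that tallies named's "validating ..." messages per name and record type, including lines that syslog collapsed into "message repeated N times". The function name `summarize` and the embedded sample are assumptions made for the illustration; the sample lines are copied from the post.

```python
import re
from collections import Counter

# Constructed sample: the four syslog lines quoted in the post.
SAMPLE_LOG = """\
Aug 23 16:40:39 homesvr01 named[29547]: validating sync.adtelligent.com/CNAME: no valid signature found
Aug 23 16:40:39 homesvr01 named[29547]: validating sync.vertamedia.com/CNAME: no valid signature found
Aug 23 16:47:06 homesvr01 named[29547]: message repeated 3 times: [ validating sync.vertamedia.com/CNAME: no valid signature found]
Aug 23 16:47:35 homesvr01 named[29547]: validating plex.tv/A: no valid signature found
"""

# Validator message as it appears in the log: "validating <name>/<type>: <reason>".
# The optional "]" strips the bracket added by syslog's duplicate suppression.
VALIDATING = re.compile(
    r"validating (?P<name>\S+)/(?P<rrtype>[A-Z0-9]+): (?P<reason>.+?)\]?\s*$"
)
# Wrapper written when identical consecutive messages are suppressed.
REPEATED = re.compile(r"message repeated (?P<n>\d+) times: \[")


def summarize(log_text):
    """Return a Counter keyed by (name, rrtype, reason) for named validator lines."""
    counts = Counter()
    for line in log_text.splitlines():
        if " named[" not in line:
            continue  # ignore other daemons
        m = VALIDATING.search(line)
        if not m:
            continue  # some other named message
        rep = REPEATED.search(line)
        # A "repeated N times" line stands for N further occurrences.
        weight = int(rep.group("n")) if rep else 1
        counts[(m.group("name"), m.group("rrtype"), m.group("reason"))] += weight
    return counts


if __name__ == "__main__":
    for (name, rrtype, reason), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:4d}  {name}/{rrtype}  {reason}")
```
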