gpg: failed to create temporary file '/var/lib/lurker/.#lk0x56abf100.hantslug.org.uk.23658': Permission denied
gpg: keyblock resource '/var/lib/lurker/pubring.gpg': Permission denied
gpg: Signature made Tue Oct 16 13:34:54 2007 BST
gpg: using DSA key 20ACB3BE515C238D
gpg: Can't check signature: No public key
On Tue, Oct 16, 2007 at 01:27:24PM +0100, Hugo Mills wrote:
> On a server I run, I've been getting these messages show up in the
> system logs for the last week or so. They come approximately once an
> hour, usually somewhere in the first ten minutes of the hour.
> The 212.23.6.100 address seems to be a DNS server for the ISP that
> machine is connected through (Zen). The other one is
> "ns1.whoisweb.net" -- listed as one of the nameservers for attack.in.
>
> Does anyone have any ideas what's going on, and why someone would
> be trying to look up NS records for attack.in on my server every hour?
On closer inspection, it seems to be a common occurrence on that
system for several other domain names. It's probably the mail scanner
doing DNS checking of incoming mail. The reason that that particular
line is showing up in logcheck is probably because it's got the word
"attack" in is, so logcheck is picking it up as unusual.
Panic over. You can all go back to ignoring me now.
Hugo.
--
=== Hugo Mills: hugo@... carfax.org.uk | darksatanic.net | lug.org.uk ===
PGP key: 515C238D from wwwkeys.eu.pgp.net or http://www.carfax.org.uk
--- Quantum est ille canis in fenestra? ---
