It's a big problem when someone will try to access the Server DNS unathorizedly.
How will I know if someone is accessing it without permission?
There are few ways to find out that someone is accessing your DNS server. These are provided below:
1. who or w command will not work. It can be because the intruders removes var/log/wtmp file that is why you failed to see who is working.
2. The function of log doesn't work
a. /var/log/messages
b. /var/log/syslog
/etc/syslog.conf file was replaced.
3.Zlib library would be replaced
4. Tasks were most probably removed from cron and the task: * * * * * /usr/games/.bash/update >/dev/null 2>&1 was launched
