It's a big problem when someone will try to access the Server DNS unathorizedly.
How will I know if someone is accessing it without permission?
How to know if someone is trying to access Server DNS unauthorizedly?
There are few ways to find out that someone is accessing your DNS server. These are provided below:
1. who or w command will not work. It can be because the intruders removes var/log/wtmp file that is why you failed to see who is working.
2. The function of log doesn't work
a. /var/log/messages
b. /var/log/syslog
/etc/syslog.conf file was replaced.
3.Zlib library would be replaced
4. Tasks were most probably removed from cron and the task: * * * * * /usr/games/.bash/update >/dev/null 2>&1 was launched
Â