[SOLVED] Denied DNS cache queries originating from 127.0.0.1

from here

i had thi situation:

[SOLVED] Denied DNS cache queries originating from 127.0.0.1

Hi,

recently Virtualmin complained that I needed to add 127.0.0.1 to the BIND Zones.
Since then I’ve started seeing the following entries in my /var/named/data/named.run:

13-Jan-2016 14:20:12.442 client 127.0.0.1#24778: query (cache) 'w3.org/NS/IN' denied
13-Jan-2016 14:20:12.442 client 127.0.0.1#24778: query (cache) 'comcast.net/NS/IN' denied
13-Jan-2016 14:20:12.443 client 127.0.0.1#24778: query (cache) 'akamai.com/NS/IN' denied
13-Jan-2016 14:21:03.839 client 127.0.0.1#33857: query (cache) 'cingular.com/NS/IN' denied
13-Jan-2016 14:21:03.839 client 127.0.0.1#33857: query (cache) 'kernel.org/NS/IN' denied
13-Jan-2016 14:21:03.840 client 127.0.0.1#33857: query (cache) 'gmx.net/NS/IN' denied
13-Jan-2016 19:55:38.304 client 127.0.0.1#30860: query (cache) 'sun.com/NS/IN' denied
13-Jan-2016 19:55:38.305 client 127.0.0.1#30860: query (cache) 'w3.org/NS/IN' denied
13-Jan-2016 19:55:38.307 client 127.0.0.1#30860: query (cache) 'mit.edu/NS/IN' denied

I already have the named-refused-udp and named-refused-tcp fail2ban jails activated, so I’m not worried about any such entries which originate from an external ip address.

What concerns me is those originating from 127.0.0.1.
Have I been hacked?

Thanks

i patch like this

I’ll answer my own question to help anyone else looking. To stop these entries add the following to /etc/named.conf

allow-query-cache { none; };
recursion no;
additional-from-auth no;
additional-from-cache no;
minimal-responses yes;

in this way:

options {

                listen-on port 53 { any; };

                listen-on-v6 port 53 { any; };

                directory       “/var/named”;

                dump-file       “/var/named/data/cache_dump.db”;

                statistics-file “/var/named/data/named_stats.txt”;

                memstatistics-file “/var/named/data/named_mem_stats.txt”;

                allow-query     { any; };

                allow-recursion {“none”;};

                recursion no;

                version “Not disclosed”;

                allow-query-cache { none; };

                additional-from-auth no;

                additional-from-cache no;

                minimal-responses yes;

…..