Re: Primary DNS server

2008-11-08 Thread Robert Spangler
On Saturday 08 November 2008 22:12, [EMAIL PROTECTED] wrote: > We are re-evaluating the way our DNS servers are set up. We currently have > one primary and one slave DNS server. Each of them can resolve any domain > names that they are authoritative for (approx 175 domain names). > > I'm wonderi

Re: About error/warning found on the server

2008-10-31 Thread Robert Spangler
On Friday 31 October 2008 15:47, Barry Margolin wrote: > > > > MX > > > > 1) > > > > MX CNAME Check > > > > WARNING: CNAME was returned for the following MX records: > > > > smtp.secureserver.net > > > > The CNAME(s) that were returned are listed above. This is not ok > > > > per > > > > t

Re: Partial zone files?

2008-10-19 Thread Robert Spangler
On Sunday 19 October 2008 09:27, Michael Enke wrote: > Hi all, > is there a way to tell bind that if a system is queried > which is not in the zone file (but in the same domain) to use the forwarder? Nope. > I want to do something like this: > I have no influence in the DNS-setup for the domai

Re: Adding new domains without restarting

2008-10-09 Thread Robert Spangler
On Thursday 09 October 2008 16:41, Todd Snyder wrote: > I work in a highly change controlled environment, and one of the things > that flags a change as no-go is having to restart named due to the risk > of taking down a functional server due to a misconfig. > > We have mitigated this to some

Re: logging permission denied

2008-09-18 Thread Robert Spangler
On Thursday 18 September 2008 09:48, aklist wrote: > > File is relative to chroot dir. modify file "/var/log/named/named.log" > > to reflect this change and retry. > > Thanks...I'm not sure how to target the chroot'd path though? > > Is there a path var in Fedora that can be used as a shortcut

Re: logging permission denied

2008-09-10 Thread Robert Spangler
On Wednesday 10 September 2008 11:28, aklist wrote: > Hi All: I reinstalled bind to 9.5.0-p1 last month, and it's now running > chrooted (it wasn't before). As the other reply stated it is all relative to your chroot environment. Question I have is are you running Selinux? Selinux only allows

Re: DNS Cache Snooping vulnerabilty

2008-09-09 Thread Robert Spangler
On Tuesday 09 September 2008 10:32, Saulo Medeiros de Araújo wrote: > Hello to everyone! > I'm trying to solve the DNS Cache Snooping vulnerability, detected by Nessus, > but I'm having some difficulties. > > I found in my searches some safer BIND configurations to prevent cache > snooping attacks.

Re: BIND 9.3.5-P1 update corrupted no longer in chroot

2008-09-02 Thread Robert Spangler
On Tuesday 02 September 2008 17:43, Chris Buxton wrote: > No, that's not quite it. > > The problem here is that rndc is looking for the key in /usr/etc. > Which tells me that the build that created rndc was './configure'd > with '--prefix=/usr' and no '--sysconfdir'. In the chroot environment

Re: BIND 9.3.5-P1 update corrupted no longer in chroot

2008-08-30 Thread Robert Spangler
On Friday 29 August 2008 09:51, Larry Gross wrote: > 1. /usr/etc/rndc.conf recreated. This is the one that rndc uses. In a chroot env the rndc keys and conf files must be in /var/named/chroot/etc Named and rndc only look under chroot for the files they require. -- Regards Robert It is not

Re: permistion denied, redhat linux 5

2008-08-30 Thread Robert Spangler
On Tuesday 26 August 2008 12:00, Ejaz wrote: > Hi all > while restarting bind after adding a new domain, I found messages in my > logs that say named: zone astaldi.net.sa/IN: loading master file oop.com > permission denied. Any ideas? > > On the other hand I am sure that my zone has full permission

Re: order of NS query

2008-08-17 Thread Robert Spangler
On Sunday 17 August 2008 01:04, VK wrote: > I am curious because I have 3 secondary servers about to be used, 2 in the > U.S and 1 in the UK, along with the primary NS located here in my country, > on a small (64k) ISDN line, which can be very congested at numerous times > 24/7 due to the natu

Re: Error with logging channel audit_log

2008-08-12 Thread Robert Spangler
On Tuesday 12 August 2008 20:09, Mark A. Moore wrote: > Yes. We are running SELinux. What is the command to stop the service and > if we plan on using SELinux, can you tell us what changes need to be made? setenforce 0 = stops SELinux setenforce 0 = re-enables SELinux As to reconfiguring SELinu

Re: How to patch Fedora Core 2 Bind RPM?

2008-08-12 Thread Robert Spangler
On Tuesday 12 August 2008 10:11, Jeff Lightner wrote: > You also probably shouldn't use Fedora for a Production DNS - Fedora is > bleeding edge so it rolls out new versions and discards old ones on a > fairly aggressive time frame. If you don't want to pay for RedHat > (RHEL) then you can in

Re: Error with logging channel audit_log

2008-08-12 Thread Robert Spangler
On Tuesday 12 August 2008 17:05, Mark A. Moore wrote: > All, > Thanks for the response given on this. I modified the named.conf file line > file "/chroot/named/logs/named.log"; to file "/logs/named.log"; > > Now when I restart bind, the error I get now is "logging channel > 'audit_log' file '/l

Re: BIND 9 - force secondary to update/refresh from primary

2008-08-07 Thread Robert Spangler
On Wednesday 06 August 2008 00:38, [EMAIL PROTECTED] wrote: > I tested it earlier by incrementing the serial number of a test zone in > the primary, then reload the primary and the secondary (both running > BIND 8.4.6). The secondary didn't update the zone until 10-15 minutes > later and it's

Re: dns exploit

2008-07-26 Thread Robert Spangler
On Saturday 26 July 2008 02:43, Chris Buxton wrote: > Linux iptables does not appear to change source ports. IPTABLES does not change anything unless you program it to. So let's not start the 'IPTABLES is the problem' thread. If anything it's the person who programmed it. -- Regards Robert S