Am Wed, 10 Nov 2010 01:49:08 +0100
schrieb Michelle Konzack :
> Hello Torsten,
>
> Am 2010-11-09 15:46:05, hacktest Du folgendes herunter:
> > Maybe it's easier to get a dump with rndc dumpdb -zones and then run
> > the grep on the dump file.
>
> Ehm, but AFAIK the dumpfiles are the same as the
On Tue, Nov 9, 2010 at 8:10 PM, Brian J. Murrell wrote:
> The only written to that file when one of those broken chain lookups happen
> is:
>
> dnssec: validating @0x2295e9b0: 41.70.55.206.sa-trusted.bondedsender.org TXT:
> starting
> dnssec: validating @0x2295e9b0: 41.70.55.206.sa-trusted.bonded
In article ,
Michelle Konzack wrote:
> Hello Matus UHLAR - fantomas,
>
> Am 2010-11-09 14:13:47, hacktest Du folgendes herunter:
> > I am not sure whether dnswalk over whole internet can do that, but on your
>
> I will try it...
>
> > server you can either run recursive grep over named data d
Casey Deccio deccio.net> writes:
>
> Reproducing these errors and analyzing the debug-level log messages
> would be helpful since everything looks consistent from a DNSSEC
> perspective, as far as I can see.
Well, I have attempted this. I reproduced my existing bind configuration and
added the
rndc status
version: 9.6.2-P1
zone "abc.xyz.com"
{
type slave;
file "596251.db";
masters { 10.10.10.1; };
allow-notify { 10.10.10.2; };
};
==
When a NOTIFY is received from 10.10.10.2, does BIND query
abc.xyz.com's SOA against 10.10.10.1 or 10.10.10.2? Is there a
difference in behavio
Michelle Konzack wrote:
> Hello Robert Spangler,
>
> Am 2010-11-09 10:34:52, hacktest Du folgendes herunter:
>
>> If these domains are for internal use only, why did you list the DNS servers
>> for them? You are aware that you can register a domain without listing a
>> DNS
>> Server?
>>
On Wed, Nov 10, 2010 at 01:47:44AM +0100,
Michelle Konzack wrote
a message of 115 lines which said:
> Even my simple squirrelmal login page from
> is spidered daily with more then 800 hits and I have already counted
> more then 80 different searchbots.
HTTP spidering issues are clearly off-t
In message <20101110005445.go5...@michelle1>, Michelle Konzack writes:
> Hello philippe.simo...@swisscom.com,
>
> Am 2010-11-09 22:16:08, hacktest Du folgendes herunter:
> > For all CNAME records, make e.g. a TXT record with the reverse result :
> > (TXT is maybe not the better record type...whic
Hello philippe.simo...@swisscom.com,
Am 2010-11-09 22:16:08, hacktest Du folgendes herunter:
> For all CNAME records, make e.g. a TXT record with the reverse result :
> (TXT is maybe not the better record type...which ones (for specialists))
>
> For each :
> a-name IN A 1.2.3.4
> an-alias IN CNAM
Hello Robert Spangler,
Am 2010-11-09 10:34:52, hacktest Du folgendes herunter:
> If these domains are for internal use only, why did you list the DNS servers
> for them? You are aware that you can register a domain without listing a DNS
> Server?
Because my own customers (exclusively) must acc
Hello Torsten,
Am 2010-11-09 15:46:05, hacktest Du folgendes herunter:
> Maybe it's easier to get a dump with rndc dumpdb -zones and then run
> the grep on the dump file.
Ehm, but AFAIK the dumpfiles are the same as the orginal zone files in
/etc/bind or do I something missing?
Thanks, Greetin
> Date: Tue, 09 Nov 2010 13:34:41 -0800
> From: Eric Ham
> Sender: bind-users-bounces+oberman=es@lists.isc.org
>
> On 11/ 9/10 01:25 PM, Christian Ruppert wrote:
> > On 11/09/2010 10:11 PM, Christian Ruppert wrote:
> >> Hey guys,
> >>
> >> I have a zone that I update remotely via nsupdate. Wh
PTR RRs benefit from label compression, whereas TXT records do not.
Therefore I prefer PTR records for any such "metadata" references within
DNS. There's no chance they'll be mistaken for, or conflict with reverse
DNS records if they're not in the in-addr.arpa branch of the namespace.
On 11/ 9/10 01:25 PM, Christian Ruppert wrote:
On 11/09/2010 10:11 PM, Christian Ruppert wrote:
Hey guys,
I have a zone that I update remotely via nsupdate. When I update the
zone and query it internal (view) I get the correct answer but when I do
a query from outside I still get the old A reco
On 11/09/2010 10:11 PM, Christian Ruppert wrote:
> Hey guys,
>
> I have a zone that I update remotely via nsupdate. When I update the
> zone and query it internal (view) I get the correct answer but when I do
> a query from outside I still get the old A record.
> So the same nameserver gives diffe
Hi
If you have control over all zones, you could also pre-store the results of
your search in DNS :)
For all CNAME records, make e.g. a TXT record with the reverse result :
(TXT is maybe not the better record type...which ones (for specialists))
For each :
a-name IN A 1.2.3.4
an-alias IN CNAME a
Hey guys,
I have a zone that I update remotely via nsupdate. When I update the
zone and query it internal (view) I get the correct answer but when I do
a query from outside I still get the old A record.
So the same nameserver gives different answers.
"dig my.zone.tld A +short @ns.zone.tld".
I ha
On 09/11/2010 14:14, Michelle Konzack wrote:
Hello Matus UHLAR - fantomas,
Am 2010-11-09 14:13:47, hacktest Du folgendes herunter:
I am not sure whether dnswalk over whole internet can do that, but on your
I will try it...
server you can either run recursive grep over named data directory, o
In message <006001cb7ffe$7a6f5b10$6f4e11...@eurid.eu>, "Marc Lampo" writes:
> Hello,
>
>
>
> Much attention has been given to DNSSEC - how it brings security - the
> "chain-of-trust" - the root zone signed - activities of tld's to get
> signed - ...
> but we - I belong to an organisation in ch
Hello Matus UHLAR - fantomas,
Am 2010-11-09 14:13:47, hacktest Du folgendes herunter:
> I am not sure whether dnswalk over whole internet can do that,
"dnswalk" is already starting wierd behaviour:
[ command 'dnswalk vserver09.tamay-dogan.net.' ]
Checking vserver09.tamay-
This is not good idea to use statefull firewall on heavy loaded DNS
server. firewall becomes low place in the system.
As workaround you can use dns_flood_detector + simple script to insert
and remove IP's from firewall blocking table or chain.
27.10.2010 23:26, Sebastian Tymków пишет:
> In FreeBS
Am Tue, 9 Nov 2010 15:14:04 +0100
schrieb Michelle Konzack :
> Hello Matus UHLAR - fantomas,
>
> Am 2010-11-09 14:13:47, hacktest Du folgendes herunter:
> > I am not sure whether dnswalk over whole internet can do that, but
> > on your
>
> I will try it...
>
> > server you can either run recurs
On Sunday 07 November 2010 20:02, Michelle Konzack wrote:
> I have (since several years) collected some domain names which do not
> exist (since years) and registered it in the last 4 month for the
> internal use of my Internet Service.
If these domains are for internal use only, why
Hello Matus UHLAR - fantomas,
Am 2010-11-09 14:13:47, hacktest Du folgendes herunter:
> I am not sure whether dnswalk over whole internet can do that, but on your
I will try it...
> server you can either run recursive grep over named data directory, or dump
> the named dsatabase and grep it...
On 09.11.10 14:01, Michelle Konzack wrote:
> does someone know, how to get easily all CNAME records for a Host?
>
> For example I have:
>
> vserver09.tamay-dogan.net. 604800 IN A88.168.69.36
>
> www.can4linux.org. 86400 IN CNAMEvserver09.tamay-dogan.net.
> www.fexray4lin
Hello *,
does someone know, how to get easily all CNAME records for a Host?
For example I have:
vserver09.tamay-dogan.net. 604800 IN A88.168.69.36
www.can4linux.org. 86400 IN CNAMEvserver09.tamay-dogan.net.
www.fexray4linux.org.86400 IN CNAMEvserver09.tamay
Hello,
Much attention has been given to DNSSEC - how it brings security - the
"chain-of-trust" - the root zone signed - activities of tld's to get
signed - ...
but we - I belong to an organisation in charge of a tld - should also pay
attention to the validating, client, side of DNSSEC.
What
27 matches
Mail list logo
