Last admin didn't have correct master ip set, put the correct on and all good.
On Tue, Jul 24, 2012 at 2:30 PM, Gregory Machin wrote:
> Hi.
> I have a bind 9 primary server and a bind 9 secondary server, I added
> a new sub domain to the primary and as a slave zone on the secondary.
> i have obvi
In article ,
Gregory Machin wrote:
> Hi.
> I have a bind 9 primary server and a bind 9 secondary server, I added
> a new sub domain to the primary and as a slave zone on the secondary.
> i have obviously missed something. What does :
>
> named[13931]: zone domain.example.com/IN: refresh: unexpe
Hi.
I have a bind 9 primary server and a bind 9 secondary server, I added
a new sub domain to the primary and as a slave zone on the secondary.
i have obviously missed something. What does :
named[13931]: zone domain.example.com/IN: refresh: unexpected rcode
(NXDOMAIN) from master 209.234.97.14#53
On 7/23/2012 6:23 PM, Kevin Darcy wrote:
On 7/22/2012 7:27 PM, Andris Kalnozols wrote:
On 7/22/2012 10:19 AM, Paul Wouters wrote:
(I don't think this made it to the list before, mixup of email
addresses)
Please consider including this patch,
Paul
-- Forwarded message --
Da
On 7/22/2012 7:27 PM, Andris Kalnozols wrote:
On 7/22/2012 10:19 AM, Paul Wouters wrote:
(I don't think this made it to the list before, mixup of email
addresses)
Please consider including this patch,
Paul
-- Forwarded message --
Date: Mon, 2 Jul 2012 17:45:08
From: Paul Wo
I also use loopback regularly if running a localhost resolver; in fact I
use a script that goes as far as changing resolv.conf if it detects an
interface address instead of loopback. [Our rules require listening on
loopback minimally here]
If you do use it, I recommend you make sure you don't hav
We've been running with 127.0.0.1 in /etc/resolv.conf for years, on a
wide variety of platforms (including Berkeley-derived ones), and never
run into this bug.
127.0.0.1 in /etc/resolv.conf is good from a configuration-consistency
standpoint: it helps prevent the fairly-common accident where
Hey there folks,
I was just going back through the good ol' cricket book, and ran into
the following:
"If you use multiple nameserver directives, don't use the loopback
address! There's a bug in some Berkeley-derived TCP/IP implementations
that can cause problems with BIND if the local nam
On Mon, 23 Jul 2012, Stephane Bortzmeyer wrote:
The operators of F-root use this on their FreeBSD machines to
rate-limit per source IP:
add pipe 1 udp from any to any 53 in
pipe 1 config mask src-ip 0x buckets 1024 bw 400Kbit/s queue 3
add pipe 2 tcp
Hi,
Thanks for your kind response. sorry for the delay.
Currently i make a logic with shell scripts is that
i run my statistics.sh by cron via every 1 minute and collect INCOMING
QUERY AND CACHE HIT RATIO.
CACHE HIT RATIO = (IN COMING QUERY - RECURSION ) / INCOMING QUERY.
Let say i run fir
On Mon, Jul 23, 2012 at 04:42:11PM +0200,
Ond?ej Caletka wrote
a message of 159 lines which said:
> I use this iptables matcher to identify incoming query type:
> https://github.com/oskar456/xt_dns
Buggy. It parses the DNS packet from the end and therefore fails with
EDNS packets (which have
Dne 23.7.2012 15:09, Marek Salwerowicz napsal(a):
> BTW - is this attack any new kind of virus/spyware or sth ?
Actually, I think these queries to ripe.net ANY with EDNS0 are caused by
some common malware. My servers are receiving these from time to time
and complaining to a person responsible for
On Mon, Jul 23, 2012 at 03:09:35PM +0200,
Marek Salwerowicz wrote
a message of 18 lines which said:
> BTW - is this attack any new kind of virus/spyware or sth ?
Not every security problem on the Internet is a virus. And I do not
see why a spyware would like to DoS people.
There are apparen
W dniu 2012-07-23 14:33, Stephane Bortzmeyer pisze:
But is there any other solutions for that permanent attacks?
The operators of F-root use this on their FreeBSD machines to
rate-limit per source IP:
add pipe 1 udp from any to any 53 in
pipe 1 config mask src-ip 0x
On Mon, Jul 23, 2012 at 02:07:51PM +0200,
Marek Salwerowicz wrote
a message of 30 lines which said:
> What I made now, is just to parse logs and block IPs that ask for
> ripe.net via ipfw.
As mentioned by Phil Mayers, the source IP address is forged. By
blocking this IP, you strike the victim
On 23/07/12 13:07, Marek Salwerowicz wrote:
Hi all,
I am new subscriber of your list.
I browsed the archive but didn't find answer/hint for my problem.
I am running (at FreeBSD 9.1-PRERELEASE) public caching DNS server.
Since about 2 months I've been receiving lot of (DNS flood attack?)
queries
Hi all,
I am new subscriber of your list.
I browsed the archive but didn't find answer/hint for my problem.
I am running (at FreeBSD 9.1-PRERELEASE) public caching DNS server.
Since about 2 months I've been receiving lot of (DNS flood attack?)
queries like:
23-Jul-2012 14:03:28.813 queries: i
17 matches
Mail list logo
