Hello guys,
I see, my server is authoritative for some internal domain, so I will try
Allow-query. Thank you.
But the attack is from my allowed IP addresses so I can't block the entire zone.
I tried NXDOMAINS-PER-SECOND, but the server is not giving an NXDOMAIN response
but SERVFAIL.
How about ERRORS-P
Hi,
No, I have an access list that allows only our ISP zones.
BR, Nyamka
From: m...@at.encryp.ch
Sent: Tuesday, March 28, 2023 3:40 PM
To: Nyamkhand Buluukhuu ; bind-users@lists.isc.org
Subject: Re: Bind dns amplification attack
Are you an open recursor? If
Hello,
We are having slowly increasing dns requests from our customer zones all asking
mXX.krebson.ru. I think this is a DNS amplification attack.
And source zones/IP addresses are different but sending same requests like
below.
Most of them are rate
-directory.
auto-dnssec maintain;
This is for the automated key management. With this option enabled, named will
periodically check whether there are new keys available or expired keys, and
manage DNSKEY records. It's very helpful when you renew your keys.
Have a nice day :)
BR, NYAM
Hi,
Yeah, on both.
I didn't configure to filter records, is it necessary?
Have a nice day :)
BR, NYAMKHAND Buluukhuu
Engineer
TPD/ETSD
UNESCO street - 28, MPM Complex
Ulaanbaatar -14220, Mongolia
Mobile: (976) 94081017
Web: www.mobicom.mn<http://www.newcom.mn/>
Befor
do with IPv6 records. I can't query PTR and some other
records too
Have a nice day :)
BR, NYAMKHAND Buluukhuu
Before you start
ON:
;mobinet.mn. IN
;; AUTHORITY SECTION:
mobinet.mn. 3600 IN SOA mdns.mobinet.mn. administrator.mobinet.mn. 2020080309
10800 3600 1209600 38400
;; Query time: 1 msec
;; SERVER: 2407:6400:0:400::12#53(2407:6400:0:400::12)
;; WHEN: Tue Sep 15 08:43:46 +08 2020
;; MSG SIZE rcvd: 122
Have a nic
Ah, I see,
the cache on the resolver is out of date?
I restarted the named but it's still the same.
I restarted named on authoritative /mdns.mobinet.mn/ too.
Have a nice day :)
BR, NYAMKHAND Buluukhuu
nd run query from authoritative servers, I
get answers.
Also, when I use OpenDNS, I get answers normally.
I'm stuck here, any advice is appreciated.
Thanks :)
Have a nice day :)
BR, NYAMKHAND Buluukhuu
Hi,
You can see what is happening in debug mode.
Start your named with -g option
ex: /usr/sbin/named -g
Have a nice day :)
BR, NYAMKHAND Buluukhuu
From: bind-users on behalf of Adrian van
Bloois
Sent: Thursday, July 9, 2020 6:08 PM
To: BIND 9 mailinglist
Hello,
listen-on-v6 port 53 {};
You can try like above.
Then, after restarting named, check the result of the 'netstat -ltnp' command to
see if the v6 address is listening.
Have a nice day :)
BR, NYAMKHAND Buluukhuu
From: bind-users on behalf of Duleep
Thi
Hi Ged,
That's a very useful detailed explanation.
Thank you very much.
I think, after some backup, I will run make install from the new source.
Have a nice day :)
BR, NYAMKHAND Buluukhuu
STDIR}${mandir}/man1/isc-config.sh.1
rm -f ${DESTDIR}${bindir}/bind9-config
rm -f ${DESTDIR}${bindir}/isc-config.sh
So I guess, I can run "make uninstall".
Thanks.
Have a nice day :)
BR, NYAMKHAND Buluukhuu
compile a newer version with a different prefix and make a link?
Which one is the safest way? If make uninstall doesn't work, how do you guys
upgrade your compiled bind?
I appreciate any suggestions.
Thank you.
Have a nice day :)
BR, NYAMKHAND Buluukhuu