Re: loads of Query denied... is it an attack or a misconfiguration ?

2009-02-11 Thread Stephane Bortzmeyer
On Wed, Feb 11, 2009 at 01:21:35AM +0100, Thomas Manson wrote a message of 88 lines which said:
> I believed I was on bind mailing list, a mailing list is where you usually get some help... isn't it ?
You're right, it's a shame. Ask immediately for a refund, both for your registration to th

Re: loads of Query denied... is it an attack or a misconfiguration ?

2009-02-11 Thread Stephane Bortzmeyer
On Wed, Feb 11, 2009 at 01:35:31AM +0100, Thomas Manson wrote a message of 80 lines which said:
> I'll temporarily block the ip on my firewall
Very bad idea, since it is forged. You do exactly what the attacker wanted you to do. The proper thing to do is: https://www.dns-oarc.net/oarc/article

Re: loads of Query denied... is it an attack or a misconfiguration ?

2009-02-11 Thread Thomas Manson
Well...
> > I'll temporarily block the ip on my firewall
>
> Very bad idea, since it is forged. You do exactly what the attacker wanted you to do.
> The proper thing to do is:
> https://www.dns-oarc.net/oarc/articles/upward-referrals-considered-harmful
>
this is kind of response I expect : an an

Re: loads of Query denied... is it an attack or a misconfiguration ?

2009-02-11 Thread David Ford
An intelligently designed firewall rule that drops the incoming requests isn't doing exactly what the attacker wants. It's the opposite. The main effect of forged lookups is a response flood. And so it is also intended to flood the victim with overwhelming amounts of DNS responses. It, like any

ns_type question

2009-02-11 Thread Jack Tavares
I have downloaded libbind6.0b1 My question is; the arpa/nameser.h file included does not include type definitions for DNSKEY (or other dnssec rr types) in the ns_type enum. am I looking in the wrong place? Thanks -- Jack Tavares

time.windows.com and download.windowsupdate.com

2009-02-11 Thread patatetom
Hi, I've just started with Bind and DNS, so... 1 I'm on a LAN where external ntp and Window$ update sites are denied. 2 we have, on this LAN a wsus and a ntp server 3 a fresh Window$ XP pro try download.windowsupdate.com for update and time.windows.com for synctime... Can I play with these two z

rrset-order and resolvers

2009-02-11 Thread Torsten Segner
Hi, I have a question regarding the rrset-order option. I have compiled a nameserver with the --enable-fixed-rrset option and configured it with the following rrset-order in global options. rrset-order { class IN type NS name "host.example.com" order fixed; order cyclic; }; Querying the a

SRV Question

2009-02-11 Thread Johnny
_sip._udp.as.host.com as1.host.com 0 1 5060 _sip._udp.as.host.com as2.host.com 0 0 5060 Since "as1" has a higher weight, it will always be picked first by the SRV aware client? I want the devices to ALWAYS go to "as1" and only go to "as2" if "as1" is not available. Do the above l

RE: loads of Query denied... is it an attack or a misconfiguration ?

2009-02-11 Thread Matthew Huff
I've been aware of this problem since it first came up on this and nanog's list, but I'm having some configuration issues trying to make the upward referral be refused. I'm running bind-9.6.0P1, but I'm still seeing the NS queries being answered in the log: 11-Feb-2009 09:34:25.489 queries: client

RE: loads of Query denied... is it an attack or a misconfiguration ?

2009-02-11 Thread David Forrest
On Wed, 11 Feb 2009, Matthew Huff wrote:
I've been aware of this problem since it first came up on this and nanog's list, but I'm having some configuration issues trying to make the upward referral be refused. I'm running bind-9.6.0P1, but I'm still seeing the NS queries being answered in the lo

Re: time.windows.com and download.windowsupdate.com

2009-02-11 Thread Ben Croswell
You certainly load the zone you don't own, but be aware the downside will be every downstream domain or host under the two domains you load will be blackholed. In your examples: 1) Everything under time.windows.com will not be resolvable other than time.windows.com. i.e. someotherhost.time.windows

Re: SRV Question

2009-02-11 Thread Chris Thompson
On Feb 11 2009, Johnny wrote:
    _sip._udp.as.host.com as1.host.com 0 1 5060
    _sip._udp.as.host.com as2.host.com 0 0 5060
That's the wrong syntax. I'll assume you mean
    _sip._udp.as.host.com. SRV 0 1 5060 as1.host.com.
    _sip._udp.as.host.com. SRV 0 0 5060 as2.host.com.
Since "as1"

RE: loads of Query denied... is it an attack or a misconfiguration ?

2009-02-11 Thread Matthew Huff
Thanks to David Forrest, I realize now that the query IS being refused, however nothing in the bind log shows the refusal. Is there any way to see that in the log? Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: ma

Re: rrset-order and resolvers

2009-02-11 Thread Chris Buxton
On Feb 11, 2009, at 5:01 AM, Torsten Segner wrote: When asking a resolver I get answers in random order as long as I don't insert the above rrset-order option in the resolver config as well. Have I missed something or is this an intended behaviour of resolving nameservers? This is normal

Multiple SOA

2009-02-11 Thread Prabhat Rana
Hello, Is it possible to have more than one host assigned as SOA in a given zone file? I have BIND 9.5 and two UNIX hosts as authoritative servers (host1.com and host2.com) for the domain x.host.com Currently I have host1 as master and host2 configured as slave for x.host.com. In case if host1

Bind Patch for Solaris 10

2009-02-11 Thread Worrell, James J Mr CIV US DISA GS4T1
Greeting! I am trying to load bind patch 119783-10 on a Solaris 10 system running DNS 9.35-p2 and ran into several problems. I suspect that the root cause is due to the security posture that we have in place that prevents a compiler from being loaded on the systems. Has anyone loaded this patch

Re: Bind Patch for Solaris 10

2009-02-11 Thread Ray Van Dolson
On Wed, Feb 11, 2009 at 12:30:19PM -0800, Worrell, James J Mr CIV US DISA GS4T1 wrote: > > Greeting! > > I am trying to load bind patch 119783-10 on a Solaris 10 system running > DNS 9.35-p2 and ran into several problems. I suspect that the root > cause is due to the security posture that we ha

How to configure forwarder

2009-02-11 Thread John D. Vo
We recently moved all our domains to an online name server place, they will now host ALL our domains. I am still running my name servers in cache only mode. If I wanted to set it so that when my local users send a query to the servers here and I want it to instead of looking up stuff on its own

Re: Multiple SOA

2009-02-11 Thread Barry Margolin
In article , Prabhat Rana wrote: > Hello, > Is it possible to have more than one hosts assigned as SOA in a given zone > file? > I have BIND 9.5 and two UNIX hosts as authoritative servers (host1.com and > host2.com) for the domain x.host.com > Currently I have host1 as master and host2 confi

Re: How to configure forwarder

2009-02-11 Thread Serge Fonville
Hi, in your named.conf:
    zone "example.com" {
        type forward;
        forward only;
        forwarders { IPOFTHEDNSTOFORWARDTO; };
    };
At least, that is what I use... Perhaps you need to define some additional acls Hope this helps Regards, Serge Fonville
On Wed, Feb 11, 2009 at 10:09 PM, John D. Vo wrote:
> We rec