Re: DNS latency!!!

2010-08-16 Thread Yohann Lepage
2010/8/16 Shiva Raman > Hi All Hi, >   Which is the best method to measure dns latency ? Is there any scripts / > programs > available to measure the dns latency directly? - queryperf : /bind-9.7.1-P2/contrib/queryperf/ - dnsperf : http://www.nominum.com/services/measurement_tools.php -DNS benc

filter packets bound for company proxy server?

2010-08-16 Thread Greg Hauptmann
Hi, Can I ask if anyone has a good idea for how I could identify (filter packets) that are transiting via a company proxy server [e.g. proxy.mycompany.com]. The challenge here is that the DNS server will issue any one of a number of IP addresses back to the browser to use, associated with the ra

Re: filter packets bound for company proxy server?

2010-08-16 Thread Kevin Darcy
On 8/16/2010 8:10 AM, Greg Hauptmann wrote: Hi, Can I ask if anyone has a good idea for how I could identify (filter packets) that are transiting via a company proxy server [e.g. proxy.mycompany.com]. The challenge here is that the DNS server will issue any one of a number of IP addresses back

Recommended DNS notify method for hidden master

2010-08-16 Thread recvfrom
Hi, I have several internal DNS servers, one of which is a hidden master for external zones. The nameserver listed in the SOA RR is in a DMZ. The internal DNS servers forward all queries for non-authoritative zones to a DNS server in the DMZ that will perform recursive queries, but the internal n

Re: Recommended DNS notify method for hidden master

2010-08-16 Thread Matus UHLAR - fantomas
On 16.08.10 13:48, recvf...@gmail.com wrote: > I have several internal DNS servers, one of which is a hidden master > for external zones. The nameserver listed in the SOA RR is in a DMZ. > The internal DNS servers forward all queries for non-authoritative > zones to a DNS server in the DMZ that wi

Re: Recommended DNS notify method for hidden master

2010-08-16 Thread Kevin Darcy
On 8/16/2010 1:48 PM, recvf...@gmail.com wrote: Hi, I have several internal DNS servers, one of which is a hidden master for external zones. The nameserver listed in the SOA RR is in a DMZ. The internal DNS servers forward all queries for non-authoritative zones to a DNS server in the DMZ that

Re: Recommended DNS notify method for hidden master

2010-08-16 Thread recvfrom
On Mon, Aug 16, 2010 at 2:24 PM, Matus UHLAR - fantomas wrote: > On 16.08.10 13:48, recvf...@gmail.com wrote: >> I have several internal DNS servers, one of which is a hidden master >> for external zones.  The nameserver listed in the SOA RR is in a DMZ. >> The internal DNS servers forward all que

DNS Rebinding Prevention for the Weak Host Model Attacks

2010-08-16 Thread Bradley Falzon
bind-users, In light of Craig Heffner's recent Black Hat talk (here: https://media.blackhat.com/bh-us-10/whitepapers/Heffner/BlackHat-USA-2010-Heffner-How-to-Hack-Millions-of-Routers-wp.pdf and here: http://rebind.googlecode.com) I would like to propose a possible solution in line with the 'DNS re