On the DNS server, a large number of "ANY" type queries occur,why? The same IP
address, produced a large number of requests within a very short period of
time. Can I block these IPs?
ShanyiWan___
Please visit https://lists.isc.org/mailman/listinfo/bin
On 28.03.12 16:08, ShanyiWan wrote:
On the DNS server, a large number of "ANY" type queries occur,why? The
same IP address, produced a large number of requests within a very
short period of time. Can I block these IPs?
yes you can. I would also wonder who sends such queries, maybe they
ask..
On Wed, Mar 28, 2012 at 04:08:33PM +0800,
ShanyiWan wrote
a message of 104 lines which said:
> On the DNS server, a large number of "ANY" type queries occur,why?
Probably the reflection+amplification attack which goes on, specially
in China, for several months. CNCERT knows about it so I sug
On 28/03/2012 10:21, Stephane Bortzmeyer wrote:
>> The same IP address, produced a large number of requests within a
>> very short period of time. Can I block these IPs?
>
> You probaably should not. The source IP address is forged, it is the
> address of the victim. If you block it, the victim w
On Wed, Mar 28, 2012 at 10:20:40AM +0200,
Matus UHLAR - fantomas wrote
a message of 18 lines which said:
> yes you can.
But it is a bad idea, since the source IP addresses are almost
certainly forged.
___
Please visit https://lists.isc.org/mailman/
On Wed, Mar 28, 2012 at 10:39:11AM +0200,
Anand Buddhdev wrote
a message of 25 lines which said:
> It's probably better to rate-limit the address. You can do that on
> your server with iptables (Linux) or ipfw (*BSD) or on your router.
A possible solution for Linux' Netfilter (test it: it may
On 28 Mar 2012, at 02:16, Jon A. wrote:
> I'm looking for a best practice to keep zone data across multiple views on
> multiple servers sync
FWIW, you're not alone.
I have three views too, internal, external, and mendacious.
The last is for coercing unregistered clien
Is signing not done at zone file level?
For our views even when the zones are identical I keep separate copies for the
internal and external views so I would have thought this wouldn't be an issue.
-Original Message-
From: bind-users-bounces+jlightner=water@lists.isc.org
[mailto
> > On the DNS server, a large number of "ANY" type queries occur,why?
>
> Probably the reflection+amplification attack which goes on, specially
> in China, for several months. CNCERT knows about it so I suggest you
> contact them.
Note that there are multiple reflection+amplification attacks go
Hello,
You're right Mark, thanks. The problem I said yesterday was solved
with the implementation of TSIG as mentioned in
https://www.isc.org/faq/item/182.
What happened was that my slave was receiving zones from the same
master view. I know, my fault! but I hope my error helps you guys
if the recrustion is the only thing we can might use a inclue file to
include all the zones in specific direcotry.
so you manage one server but more views...
On 28/03/2012 11:38, Niall O'Reilly wrote:
On 28 Mar 2012, at 02:16, Jon A. wrote:
I'm looking for a best practice to keep zone data a
On 28 Mar 2012, at 13:01, Lightner, Jeff wrote:
> Is signing not done at zone file level?
Yes, but that's not the problem.
> For our views even when the zones are identical I keep separate copies for the
> internaland external views so I would have thought this wouldn't be an issue.
We've been having this issues with neweggbusiness.com - it seems the A rec for
neweggbusiness.com is round robin load balanced:
;; ANSWER SECTION:
neweggbusiness.com. 3600 IN A 216.52.208.154
neweggbusiness.com. 3600 IN A 204.14.213.154
;; ANSWER SECTION:
neweggbusiness.com. 3600 IN NS dns2
Jon A. wrote:
> Is there a better practice to serve 100% the same authoritative data
> in two views, but block recursion, cache use, and out of zone data?
Don't use views, use allow-query and allow-recursion ACLs.
Tony.
--
f.anthony.n.finchhttp://dotat.at/
Plymouth, Biscay, FitzRoy: Northe
The problem is that their servers are returning non-authoritative
answers from the cache without also adding the NS records for the
child zone to allow the interative resolver to find a authoritative
answer. The parent server is configured as a recursive server not
a authoritative server.
On top
Dear all,
Suppose you i have phlevanzadeh.info domain and FQDN
shared.pahlevanzadeh.info,
Question:
I installed bind9, and defined zone of pahlevanzadeh.info ,now , NS of
pahlevanzadeh.info can become itself?
such as:
dig pahlevanzadeh.info NS :
pahlevanzadeh.info. 14400 IN NS shared.pahlevanzade
On Thu, Mar 29, 2012 at 6:33 AM, Mohsen Pahlevanzadeh
wrote:
> pahlevanzadeh.info. 14400 IN NS shared.pahlevanzadeh.info.
>
> Is it Possible?
Yes. Google does it
$ dig google.com ns
; <<>> DiG 9.8.1-P1 <<>> google.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, sta
Fajar,
Yes,
This is glue record.
pahlevanzadeh.info. 14400 IN NS shared.pahlevanzadeh.info.
shared.pahlevanzadeh.info. A
On Thu, Mar 29, 2012 at 7:46 AM, Fajar A. Nugraha wrote:
> On Thu, Mar 29, 2012 at 6:33 AM, Mohsen Pahlevanzadeh
> wrote:
> > pahlevanzadeh.info. 14400 IN NS
In message ,
Amir Haris Ahmad writes:
> Fajar,
>
> Yes,
>
> This is glue record.
>
> pahlevanzadeh.info. 14400 IN NS shared.pahlevanzadeh.info.
> shared.pahlevanzadeh.info. A
And you should be adding IPv6 address records for your nameservers as
well as IPv4 address records.
sh
We are using lwresd to resolve DNS ENUM queries with the cache TTL set to 1
second (effective off) and only two servers on a Solaris 10 Netra 5220 system.
Performance is reasonable if the first server is up, but when the first server
stops responding, we get unreasonably bad performance.
With
Hello all i have what is to me a very strange bind 9 master slave transfer
issue.
When i update a zone file on the master the file updates correctly the notifies
are sent and every thing seems to work perfectly except it transfers 0 bytes to
the slave. Checking the slave confirms that indeed t
2012/3/29 RYAN M. vAN GINNEKEN
> Hello all i have what is to me a very strange bind 9 master slave transfer
> issue.
>
> When i update a zone file on the master the file updates correctly the
> notifies are sent and every thing seems to work perfectly except it
> transfers 0 bytes to the slave.
2012/3/29 Peter Andreev
>
>
> 2012/3/29 RYAN M. vAN GINNEKEN
>
>> Hello all i have what is to me a very strange bind 9 master slave
>> transfer issue.
>>
>> When i update a zone file on the master the file updates correctly the
>> notifies are sent and every thing seems to work perfectly except
23 matches
Mail list logo
