almost, but no seegar,... i and continuing to have dig lookups for linuxlighthouse.com a is timing out(refused or servfail)
anyone see my misconfiguration?? one error i need to address, my domain is 'linuxlighthouse.com' i have mistakenly tried to include ws.linuxlighthouse.com & www.linuxlighthouse.com in my certificates.. i am missing the record to define www.<linuxlighthouse.com> ? tia, jackc... # Name Server: NS3.ATTDNS.COM # Name Server: WS.LINUXLIGHTHOUSE.COM nmap -sS 108.220.213.121 Starting Nmap 7.80 ( https://nmap.org ) at 2021-04-30 13:07 PDT Nmap scan report for ws (108.220.213.121) Host is up (0.0020s latency). Not shown: 993 closed ports PORT STATE SERVICE 53/tcp open domain 80/tcp open http 443/tcp open https 631/tcp open ipp 5000/tcp open upnp 8200/tcp open trivnet1 20005/tcp open btx Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds [root@ws named$ netstat -tapnl | grep named tcp 0 0 10.0.0.101:53 0.0.0.0:* LISTEN 20563/named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 20563/named tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 20563/named tcp6 0 0 :::53 :::* LISTEN 20563/named tcp6 0 0 ::1:953 :::* LISTEN 20563/named nmap -A -T4 -p53 108.220.213.121 Starting Nmap 7.80 ( https://nmap.org ) at 2021-04-30 13:10 PDT Nmap scan report for ws (108.220.213.121) Host is up (0.0013s latency). PORT STATE SERVICE VERSION 53/tcp open domain (generic dns response: NOTIMP) | fingerprint-strings: | DNSVersionBindReqTCP: | version |_ bind 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port53-TCP:V=7.80%I=7%D=4/30%Time=608C645D%P=x86_64-redhat-linux-gnu%r( SF:DNSVersionBindReqTCP,20,"\0\x1e\0\x06\x81\x05\0\x01\0\0\0\0\0\0\x07vers SF:ion\x04bind\0\0\x10\0\x03")%r(DNSStatusRequestTCP,E,"\0\x0c\0\0\x90\x04 SF:\0\0\0\0\0\0\0\0"); Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose|WAP|phone|storage-misc|proxy server|media device Running (JUST GUESSING): Linux 4.X|2.6.X|3.X (93%), Linksys embedded (93%), Google Android 4.4.X (92%), Synology DiskStation Manager 5.X (91%), WebSense embedded (90%), BlackBox embedded (90%) OS CPE: cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel cpe:/h:linksys:ea3500 cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3.16 cpe:/o:google:android:4.4.0 cpe:/a:synology:diskstation_manager:5.2 Aggressive OS guesses: Linux 4.4 (93%), Linksys EA3500 WAP (93%), Linux 2.6.18 - 2.6.32 (93%), Linux 3.16 (93%), Android 4.4.0 (92%), Linux 3.2 - 4.9 (92%), Linux 2.6.32 - 3.10 (91%), Linux 2.6.32 (91%), Linux 2.6.32 - 2.6.35 (91%), Linux 2.6.32 - 3.5 (91%) No exact OS matches for host (test conditions non-ideal). Network Distance: 1 hop TRACEROUTE (using port 53/tcp) HOP RTT ADDRESS 1 0.87 ms ws (108.220.213.121) OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 33.84 seconds nmap -A -T4 -sU -p53 108.220.213.121 Starting Nmap 7.80 ( https://nmap.org ) at 2021-04-30 13:12 PDT Nmap scan report for ws (108.220.213.121) Host is up (0.0013s latency). PORT STATE SERVICE VERSION 53/udp open domain (generic dns response: NOTIMP) | fingerprint-strings: | DNSVersionBindReq: | version | bind | NBTStat: |_ CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port53-UDP:V=7.80%I=7%D=4/30%Time=608C64C1%P=x86_64-redhat-linux-gnu%r( SF:DNSVersionBindReq,1E,"\0\x06\x81\x05\0\x01\0\0\0\0\0\0\x07version\x04bi SF:nd\0\0\x10\0\x03")%r(DNSStatusRequest,C,"\0\0\x90\x04\0\0\0\0\0\0\0\0") SF:%r(NBTStat,32,"\x80\xf0\x80\x15\0\x01\0\0\0\0\0\0\x20CKAAAAAAAAAAAAAAAA SF:AAAAAAAAAAAAAA\0\0!\0\x01"); Too many fingerprints match this host to give specific OS details Network Distance: 1 hop TRACEROUTE (using port 53/udp) HOP RTT ADDRESS 1 1.56 ms ws (108.220.213.121) netstat -nap | grep named tcp 0 0 10.0.0.101:53 0.0.0.0:* LISTEN 20563/named tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 20563/named tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 20563/named tcp6 0 0 :::53 :::* LISTEN 20563/named tcp6 0 0 ::1:953 :::* LISTEN 20563/named udp 0 0 192.168.122.1:53 0.0.0.0:* 20563/named udp 0 0 10.0.0.101:53 0.0.0.0:* 20563/named udp 0 0 127.0.0.1:53 0.0.0.0:* 20563/named udp6 0 0 :::53 :::* 20563/named unix 2 [ ] STREAM CONNECTED 130890 20563/named unix 2 [ ] DGRAM 130887 20563/named On Fri, Apr 23, 2021 at 7:37 PM Ed Greshko <ed.gres...@greshko.com> wrote: > On 24/04/2021 10:29, Jack Craig wrote: > > ok, done. now we have, .... > > > > > > Apr 23 19:25:59 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> > named[6483]: using 7 UDP listeners per interface > > Apr 23 19:25:59 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> > named[6483]: listening on IPv6 interfaces, port 53 > > Apr 23 19:25:59 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> > named[6483]: listening on IPv4 interface lo, 127.0.0.1#53 > > Apr 23 19:25:59 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> > named[6483]: listening on IPv4 interface eno1, 10.0.0.101#53 > > Apr 23 19:25:59 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> > named[6483]: listening on IPv4 interface virbr0, 192.168.122.1#53 > > Apr 23 19:25:59 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> > named[6483]: command channel listening on 127.0.0.1#953 > > Apr 23 19:25:59 ws.linuxlighthouse.com <http://ws.linuxlighthouse.com> > named[6483]: command channel listening on ::1#953 > > And I see..... > > Nmap scan report for ws.linuxlighthouse.com (108.220.213.121) > Host is up (0.16s latency). > Not shown: 997 filtered ports > PORT STATE SERVICE > 53/tcp open domain > 80/tcp open http > 443/tcp open https > > And I get > > [egreshko@meimei ~]$ host cnn.com 108.220.213.121 > Using domain server: > Name: 108.220.213.121 > Address: 108.220.213.121#53 > Aliases: > > Host cnn.com not found: 5(REFUSED) > > Which is correct since your named.conf currently contains > > allow-query { localhost; }; > > So, at least your server is now contactable from the Internet. So you can > go about adding in the zones > you need as well as the access you want to allow. > > -- > Remind me to ignore comments which aren't germane to the thread. > _______________________________________________ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure >
_______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
