On Sun, Jan 01, 2017 at 08:36:43PM +0000, Simon Hobson wrote: > Hendrik Boom <hend...@topoi.pooq.com> wrote: > > >> Which caching daemon are you using? > > > > That's one of the things I don't know. I suspect it's whatever > > the devuan installer provided me long ago. > > > > How do I find out? > > What do /etc/resolv.conf and /etc/nssswitch.conf have in them ? > Though to be honest, other than the systems I have BIND running on, > DNS resolution is something of a black box to me.
hendrik@notlookedfor:~$ cat /etc/resolv.conf domain topoi.pooq.com search topoi.pooq.com nameserver 8.8.8.8 nameserver 8.8.4.4 hendrik@notlookedfor:~$ cat /etc/nssswitch.conf cat: /etc/nssswitch.conf: No such file or directory hendrik@notlookedfor:~$ cat /etc/nsswitch.conf # /etc/nsswitch.conf # # Example configuration of GNU Name Service Switch functionality. # If you have the `glibc-doc-reference' and `info' packages installed, try: # `info libc "Name Service Switch"' for information about this file. passwd: compat group: compat shadow: compat gshadow: files hosts: files mdns4_minimal [NOTFOUND=return] dns networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis hendrik@notlookedfor:~$ > > > By the way, the cache poisoning isn't an immediate problem. I've had it > > in the past, it was a nuisance, but eventually the cache entry expired > > after a few weeks. > > That's unusual, I don't see many DNS records with TTLs that are weeks long. We are talking about accessing misconfigured DNS servers. It's also possible that something else in the system was doing its own caching, such as a browser. -- hendrik > _______________________________________________ > Dng mailing list > Dng@lists.dyne.org > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
