Tony Toews [MVP] tto...@telusplanet.net kirjoitti
viestissä:p2vsn4leohtc8dm4a7m8rt4g6d4kem2...@4ax.com...
Noel Butler noel.but...@ausics.net wrote:
Surely windows can block access to an inbound IP request from some IP
to local udp port 53 ?
Not the firewall software built into Windows 2003
On Tue, Jan 27, 2009 at 11:50:51AM +0100,
Jan Buchholz 96de...@googlemail.com wrote
a message of 38 lines which said:
i think disable queries at the root-zone for not internal networks
is another answer for this problem .
Good practices about this attack (with specific BIND advice) is
On Jan 26, 2009, at 11:27 PM, David Ford wrote:
hand because each line isn't strictly well-formed per RFC. If every
vendor was as utterly asinine about absolutist conformance, sure, we'd
have a lot less mess out there, but we'd have a lot less forward
movement as well as a lot more fractioning
Hallo,
i think disable queries at the root-zone for not internal networks is
another answer for this problem .
---
Jan
2009/1/27, Jukka Pakkanen jukka.pakka...@qnet.fi:
Tony Toews [MVP] tto...@telusplanet.net kirjoitti
viestissä:p2vsn4leohtc8dm4a7m8rt4g6d4kem2...@4ax.com...
Noel Butler
On 26.01.09 17:09, Todd Snyder wrote:
I am trying to wrap my head around a weird configuration I ran across
today, and see if my assumptions are correct.
Working with the TLD .testdomain.
We have the record:
test2.testdomain. IN NS ns01.blahblah.testdomain.
But, on
On Tue, 27 Jan 2009, Luis Silva wrote:
Hi all,
I'm having a question related to querying external servers that hope you
could answer me. I'm sending a iterative query for an external server and
the server is sending a referral answer but only with the authoritive name
servers. After that, i
So then you disagree that the following example returns a valid address
record for srv1?
srv1 300 IN A 1.2.3.4
mx1 300 IN CNAME srv1.xyz.com.
@ 300 IN MX 1 mx1.xyz.com.
1) Select Target Host:
The MX query for xyz.com delivers mx1.xyz.com which is a CNAME.
2) Get Target Host Address:
The
On 27.01.09 08:46, Al Stu wrote:
So then you disagree that the following example returns a valid address
record for srv1?
srv1 300 IN A 1.2.3.4
mx1 300 IN CNAME srv1.xyz.com.
@ 300 IN MX 1 mx1.xyz.com.
1) Select Target Host:
The MX query for xyz.com delivers mx1.xyz.com which is a
Hello,
sorry if such question has been asked before (couldnt find and the
documentation was unclear), but maybe somebody can help with such issue or
clarify:
Do you need (and there is no workarround) to specify all the zones in all
views?
To be specific:
1. I have Bind (9.4.3) with bunch
Reinis Rozitis wrote:
view custom {
match-clients { custom-clients; }
zone customzone.com { ... };
}
view normal {
match-clients { any; };
zone customzone.com { ... };
zone otherzone.com { ... };
zone otherzone2.com { ... };
}
The problem is that if the client
I've been using an include file for zones common between multiple views,
it
might help in your case too.
Thanks somehow didnt think about this way. Pretty much takes to acceptable
solution :)
wbr
Reinis Rozitis
___
bind-users mailing list
Al Stu al_...@verizon.net wrote:
How about these two?
nullmx.domainmanager.com
Non-authoritative answer:
Name:mta.dewile.net
Address: 69.59.189.80
Aliases: nullmx.domainmanager.com
smtp.secureserver.net
Non-authoritative answer:
Name:smtp.where.secureserver.net
Address:
I'm trying to troubleshoot why we are getting a lot of disabling EDNS
messages in /var/log/messages.
We are running bind-9.5.0.P2 on a linux box.
Jan 27 11:42:23 ns0 named[27764]: too many timeouts resolving
'host2.centmine.com/' (in 'centmine.com'?): disabling EDNS
Please consider
I should have sent this to the list
On Tue, Jan 27, 2009 at 11:42 AM, Serge Fonville
serge.fonvi...@gmail.comwrote:
Hi,
Not sure what your endgoal is, but...
If you want a specific zone to be queried on the external nameserver, you
can create a forward zone.
If you want all unresolvable
When Section 5.1 of RFC 5321 says If a CNAME record is found, the
resulting name is processed as if it were the initial name, it is
referring to the situation where a query is sent for the MX record for
xyz.com, and instead of an MX record being returned for xyz.com, a CNAME
record is returned for
Hi Bind experts,
I'm looking to do some automation of bind administration - particularly
adding and removing A Records, PTRs, and CNAMEs. Dynamic DNS is not
appropriate as there is a strong requirement for change management on the
zone files. Anyone have a strong belief in one or another tool,
Dean Clapper wrote:
I'm trying to troubleshoot why we are getting a lot of disabling EDNS
messages in /var/log/messages.
We are running bind-9.5.0.P2 on a linux box.
Jan 27 11:42:23 ns0 named[27764]: too many timeouts resolving
'host2.centmine.com/' (in 'centmine.com'?): disabling EDNS
In message 260425.38131...@web38201.mail.mud.yahoo.com, W Sanders writes:
The easy way to block people trying to DoS you, without needing a firewall,
is to just null route their IP: add route
1.2.3.4 127.0.0.1. Of course this blocks ALL traffic from that IP, but in
most cases the IP trying
In message d53c69e1f478453a8371b49b4f04c...@ahsnbw1, Al Stu writes:
So then you disagree that the following example returns a valid address
record for srv1?
The MX query won't return the A record for srv1. The
additional section processing rules say to add A /
In message pine.neb.4.64.0901271203100.26...@tx.reedmedia.net, Jeremy C. Ree
d writes:
I'm trying to troubleshoot why we are getting a lot of disabling EDNS
messages in /var/log/messages.
We are running bind-9.5.0.P2 on a linux box.
Jan 27 11:42:23 ns0 named[27764]: too many
Tony Toews [MVP] tto...@telusplanet.net wrote:
26-Jan-2009 14:28:24.004 client 76.9.16.171#23101: query: . IN NS +
26-Jan-2009 14:28:58.254 client 63.217.28.226#28035: query: . IN NS +
26-Jan-2009 14:29:00.691 client 63.217.28.226#35549: query: . IN NS +
26-Jan-2009 14:29:26.332 client
Jukka Pakkanen jukka.pakka...@qnet.fi wrote:
There are many free third party firewall packages that can be run in Window=
s =
2003 Server, we use the Net Firewall.
Do you have a URL? I found http://www.ntkernel.com/wp.php?id=18 but it's not
free.
I'm also going to ask my fellow MVPs as well.
In article glma06$8d...@sf1.isc.org,
Mark Andrews mark_andr...@isc.org wrote:
Liberal in what you accepts means don't die on arbitary
input. You should still reject rubbish.
But MX pointing to CNAME is not rubbish. It's a violation of the
letter of the spec, but it's very clear
In article glmqqb$jv...@sf1.isc.org,
mlel...@serpens.de (Michael van Elst) wrote:
Barry Margolin bar...@alum.mit.edu writes:
customer.com. IN MX 10 mx.yourdomain.com.
mx.yourdomain.com. IN CNAME mx.outsourcer.com.
mx.outsourcer.com. IN A ...
That's just the same as
| customer.com. IN
In article glnemv$10n...@sf1.isc.org,
Matus UHLAR - fantomas uh...@fantomas.sk wrote:
On 27.01.09 08:46, Al Stu wrote:
So then you disagree that the following example returns a valid address
record for srv1?
srv1 300 IN A 1.2.3.4
mx1 300 IN CNAME srv1.xyz.com.
@ 300 IN MX 1
On 27.01.09 08:46, Al Stu wrote:
So then you disagree that the following example returns a valid address
record for srv1?
srv1 300 IN A 1.2.3.4
mx1 300 IN CNAME srv1.xyz.com.
@ 300 IN MX 1 mx1.xyz.com.
1) Select Target Host:
The MX query for xyz.com delivers
26 matches
Mail list logo