Re: AW: Odd policy question.

2006-01-14 Thread Florian Weimer
* Jeffrey I. Schiller: Let me attempt to bring this back to the policy question. Does someone have the *right* to put one of your IP addresses as an NS record for their domain even if you do not agree? I don't think it's allowed (and it shouldn't be), but without a cluestick from legal, you

Re: AW: Odd policy question.

2006-01-14 Thread Florian Weimer
* Randy Bush: it is a best practice to separate authoritative and recursive servers. why? e.g. a small isp has a hundred auth zones (secondaried far away and off-net, of course) and runs cache. why should they separate auth from cache? Some registrars require that you begin to serve the

Re: Is my router owned? How would I know?

2006-01-14 Thread Alexei Roudnev
I use CCR (Cisco Configuration Repository, part of snmpstat project) and have change reports daily, + have syslog reports hourly. The same (osiris) with hosts, btw. - Original Message - From: Rob Thomas [EMAIL PROTECTED] To: NANOG nanog@merit.edu Sent: Thursday, January 12, 2006 10:19

Re: Is my router owned? How would I know?

2006-01-14 Thread Alexei Roudnev
http://snmpstat.sourceforge.net/CCR-config.htm - Original Message - From: Randy Bush [EMAIL PROTECTED] To: Jared Mauch [EMAIL PROTECTED] Cc: NANOG nanog@merit.edu Sent: Thursday, January 12, 2006 1:00 PM Subject: Re: Is my router owned? How would I know? Configuration Change

Re: Is my router owned? How would I know?

2006-01-14 Thread Alexei Roudnev
Some Cisco IOS'es have numerous bugs, related to SNMP (I watched few cases, when all Cisco's 72xx lost configuration because of receiving something bogus), so SNMP should be filtered out from public internet. - Original Message - From: Mikael Abrahamsson [EMAIL PROTECTED] To: NANOG

Re: Is my router owned? How would I know?

2006-01-14 Thread Mikael Abrahamsson
On Sat, 14 Jan 2006, Alexei Roudnev wrote: Some Cisco IOS'es have numerous bugs, related to SNMP (I watched few cases, when all Cisco's 72xx lost configuration because of receiving something bogus), so SNMP should be filtered out from public internet. The major problem people forget is that

Re: AW: Odd policy question. (verification please)

2006-01-14 Thread Todd Vierling
On Sat, 14 Jan 2006, Martin Hannigan wrote: I am taking a proactive approach to screening my emails so that I don't get junk mail. Please just click on the link below so I can get your message, and all your future messages. You only have to do this ONCE! Kurt, and our friends at

Re: Worm?

2006-01-14 Thread Rubens Kuhl Jr.
See story below from isc.sans.org (now on cover page, article on http://isc.sans.org/diary.php?storyid=1042) Rubens --- TippingPoint IPS DoS (High CPU load) (NEW) Published: 2006-01-14, Last Updated: 2006-01-14 05:57:28 UTC by Swa Frantzen

Re: AW: Odd policy question.

2006-01-14 Thread Jeffrey I. Schiller
Joe Abley wrote: That's a little over-broad considering the number of registries there are (and have been, for a long time). I think it's fair to say that even if this was once the case for COM/NET/ORG registries, there are many more

Re: AW: Odd policy question.

2006-01-14 Thread Randy Bush
As an engineer, I believe we would need a protocol that would permit someone to query an IP address to ask what DNS domains it may be an NS for. this addresses neither the issue of longevity nor that of whether it is authoritative for a particular domain which is proposed to be, or has been,

Re: AW: Odd policy question.

2006-01-14 Thread Jeffrey I. Schiller
Foolish me. Indeed all that is required is a way to detect that the delegation is lame (hopefully in a secure fashion) and remove the lame delegations. Of course that does leave the problem of what to do if all of the delegations are lame, as Randy

Re: AW: Odd policy question.

2006-01-14 Thread Randy Bush
Indeed all that is required is a way to detect that the delegation is lame for bind vic^H^H^Husers dig +norec zone.name. @delegatee.name. soa to check the ns rrset at the [proposed] delegatee dig +norec zone.name. @delegatee.name. ns on later digs, you can also use the +short

Re: AW: Odd policy question.

2006-01-14 Thread Jeffrey I. Schiller
Randy Bush wrote: could you amplify? If registrars regularly checked for lame delegations (or checked on demand). Then a way to attack a domain would be to forge DNS responses to cause the registrar to remove the domain because it is lame. So

Re: AW: Odd policy question.

2006-01-14 Thread Joseph S D Yao
On Sat, Jan 14, 2006 at 04:44:02PM -0500, Jeffrey I. Schiller wrote: ... As an engineer, I believe we would need a protocol that would permit someone to query an IP address to ask what DNS domains it may be an NS for. A simple client server response protocol. Lack of a response would mean all

Re: AW: Odd policy question.

2006-01-14 Thread Valdis . Kletnieks
On Sat, 14 Jan 2006 17:06:20 EST, Jeffrey I. Schiller said: Foolish me. Indeed all that is required is a way to detect that the delegation is lame (hopefully in a secure fashion) and remove the lame delegations. Of course that does leave the problem of what to do if all of the delegations are

DOS attack against DNS?

2006-01-14 Thread Roy
I just started seeing thousands of DNS queries that look like some sort of DOS attack. One log entry is below with the IP obscured. client xx.xx.xx.xx#6704: query: z.tn.co.za ANY ANY +E When you look at z.tn.co.za you see a huge TXT record. Is anyone else seeing this attack or am I the

Re: DOS attack against DNS?

2006-01-14 Thread Mark Andrews
In article [EMAIL PROTECTED] you write: I just started seeing thousands of DNS queries that look like some sort of DOS attack. One log entry is below with the IP obscured. client xx.xx.xx.xx#6704: query: z.tn.co.za ANY ANY +E When you look at z.tn.co.za you see a huge TXT record. Is anyone