Ok, firewall involved blocking outbound dns queries? Something upstream
blocking dns queries?
Quick test is resolve against 68.2.16.30 (cox's dns server I think is
still open) or any general dns server outside. Make sure you can
actually perform a dns looking outside (allow tcp/udp port 53 t
Michael,
It is version 9.3.2 because that is the version I found on the internet that
allowed for the DNS poison example to work. The rndc status shows there are
6/1000 recursive clients, but other than that everything is 0. The host
command shows very similar to your examples, which is what I exp
What version of named? Maybe different versions...
user@idns01:~$ named -v
BIND 9.4.2-P2.1
Did rndc give any reply? Do you get *any* response from the server
querying it?
Usually /var/log/daemon will give you some kind of growling if it's not
allowing you to query, see how clean it loads:
Lisa and Michael,
Thank you for your input. I did not think about the rndc so I reloaded just for
the heck of it. Yet I am still not getting Metasploit to show the recursive
call working. Here is the named.conf.options file:
options {
directory "/var/cache/bind";
Make sure you're listening on the right interface (not just 127.0.0.1)
and you allow-query any as well as recursion.
options {
directory "/var/cache/bind";
pid-file "/var/run/bind/run/named.pid";
statistics-file "/var/run/named.stats";
auth-nxdomain no;# confo
Hi David!
Nice to see you on Saturday!
Bind9 can be fussy (rndc controls everything).
You ARE changing the right item to turn recursion on.
http://www.eukhost.com/forums/f15/turning-off-dns-recursion-bind-2283/
But you can also do this in a Bind9 ACL using the "Views" feature:
http://www.bind9.
I am trying to set up a DNS poisoning test as an example for my class. I
have setup both an Ubuntu 6.10 and 10.10 server. When I use my Backtrack
system to check the DNS server I get a message "This server is not replying
to recursive requests". I have added "allow-recursion { any; };" to my
config
moin moin,
announcement from SCaLE about dates for next year's event.
ciao,
der.hans
--
# http://www.LuftHans.com/http://www.LuftHans.com/Classes/
# Very frankly, I am opposed to people being programmed by others.
#-- Fred Rogers, aka Mr. Rogers (1928-2003)
-- Forwarded m
