Full Disclosure mailing list archives
Re: Question for DNS pros
From: Paul Schmehl <pauls () utdallas edu>
Date: Sat, 24 Jul 2004 00:58:42 -0500
--On Saturday, July 24, 2004 9:39 AM +0530 "ALD, [ Aditya Lalit Deshmukh ]" <aditya.deshmukh () online gateway technolabs net> wrote:
I can think of two possibilities: 1) At some time in the past, a host *was* serving DNS at that address and some "foreign" hosts have cached the address.
i think your isp should have this info Umm..did you look at my address? We own a class B. We don't have an ISP.
Not if the "other" DNS server is working. You're required to register two nameservers; a primary and a secondary. You only need one to answer queries. If a guy registered a domain and used *his* box for the primary and just grabbed a random IP to register as a "secondary", why would he care of the secondary didn't work?then his domain is toast anyway as there is not dns server so effectively his domain is offline, this will be corrected soon if this is the case.
You're misunderstanding the problem. The problem is, we want to make sure our IPs aren't being used by someone else, even inadvertantly.1. just block of port 53 / udp for that address at the firewall 2. run a dns server that replies to all the quries with localhost or 127.0.0.1 after you have found what is causing this 3. set the refresh time, TTL and other values to -1 this should solve most of the problems as the clients would simply stop querying
Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Question for DNS pros Paul Schmehl (Jul 23)
- Enumerating a DNS servers authoritative zones (was Question for DNS pros) Bennett Todd (Jul 23)
- Re: Enumerating a DNS servers authoritative zones (was Question for DNS pros) Paul Schmehl (Jul 23)
- Re: Question for DNS pros Dennis Opacki (Jul 23)
- Re: Question for DNS pros VX Dude (Jul 23)
- Re: Question for DNS pros Oliver () greyhat de (Jul 23)
- Re: Question for DNS pros Paul Schmehl (Jul 23)
- Re: Question for DNS pros ALD, [ Aditya Lalit Deshmukh ] (Jul 23)
- Re: Question for DNS pros Paul Schmehl (Jul 23)
- Re: Question for DNS pros Steve (Jul 25)
- Re: Question for DNS pros Oliver () greyhat de (Jul 23)
- Re: Question for DNS pros Cyril Guibourg (Jul 23)
- Re: Question for DNS pros Nick FitzGerald (Jul 24)
- Re: Question for DNS pros Dave Yingling (Jul 25)
- Enumerating a DNS servers authoritative zones (was Question for DNS pros) Bennett Todd (Jul 23)
- Re: Question for DNS pros Steffen Schumacher (Jul 25)
- <Possible follow-ups>
- FW: Question for DNS pros Suzi and Harold VanPatten (Jul 25)
- Re: FW: Question for DNS pros Paul Schmehl (Jul 24)
- Re: FW: Question for DNS pros Paul Rolland (Jul 25)
- Re: FW: Question for DNS pros Paul Schmehl (Jul 24)