Andres
Dave Doherty wrote:
MS-DNS does not allow this
afaik
-d
- Original Message -
From: Nick Hayer
To: Declude.JunkMail@declude.com
Sent: Friday, August 19, 2005 10:20 AM
Subject: Re: [Declude.JunkMail] OT: DNS attacks
on 8/18/05 3:08 PM, Matt wrote:
Agreed on the splitting idea. Keep one DNS firewalled from the outside world
and for use just by your clients and their address space, and then another one
that only resolves what you host and is open to everyone.
I guess I was on the right path. I did change
Morning Dave,
That would deny his internal
users the ability to resolve external domains.
Well you *may* have me on this one :) I do not know what dns server is
being used.
I use SimpleDNS so I can allow recursion by ip address/subnet. Bind
as well does this:
[ recurseallow ]
Nick,
It's not a technical issue regarding recursion, it's an issue of
needing recursion for customers, and wanting to block recursion when
coming from the outside world where the attacks are coming from. Kevin
indicated that BIND can handle doing that on the same server, but AFAIK
MS DNS
(nor have I heard that SimpleDNS does this either but could be
wrong).
Simple DNS does allow granular control of recursion by IP.
Nick was saying that if the OP were running Simple or Bind, then his
(Nick's) suggestion to limit recursion would not mean that the OP
would be turning
MS-DNS does not allow this
afaik
-d
- Original Message -
From: Nick Hayer
To: Declude.JunkMail@declude.com
Sent: Friday, August 19, 2005 10:20 AM
Subject: Re: [Declude.JunkMail] OT: DNS attacks
Morning Dave,
That would deny his internal users
Any dns experts on the list?
Last week I noticed our one dns server was running at 100% cpu and using
nearly all its available memory. Reboot. Problem goes away until next day.
Repeat, etc. I determined that an outside entity was hammering the dns
server. Blocked them at the main router. Problem
Any dns experts on the list?
I'm not an expert but
...The server needs to do dns lookups for our clients,
That's not a problem as long as you allow outgoing DNS traffic on your
firewall (or in your case cisco router)
and needs to be available to other internet DNS servers for
AM
To: Declude.JunkMail@declude.com
Subject: [Declude.JunkMail] OT: DNS attacks
Any dns experts on the list?
Last week I noticed our one dns server was running at 100%
cpu and using nearly all its available memory. Reboot.
Problem goes away until next day.
Repeat, etc. I determined
on 8/18/05 1:49 PM, Markus Gufler wrote:
Are they
querying info about domain names you're hosting or are these requests for
completely other domains and your server does the lookup and reports the
result to the client?
The second case (other domains).
From what I've been able to determine,
Administrator
Sent: Thursday, August 18, 2005 5:39 AM
To: Declude.JunkMail@declude.com
Subject: [Declude.JunkMail] OT: DNS attacks
Any dns experts on the list?
Last week I noticed our one dns server was running at 100%
cpu and using nearly all its available memory. Reboot.
Problem goes away until next day
on your findings, and keep it in this OT: thread.
Andrew 8)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of
System Administrator
Sent: Thursday, August 18, 2005 5:39 AM
To: Declude.JunkMail@declude.com
Subject: [Declude.JunkMail] OT: D
the archive. To me bind also seems
more flexible.
Kevin Bilbee
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Kevin Bilbee
Sent: Thursday, August 18, 2005 1:42 PM
To: Declude.JunkMail@declude.com
Subject: RE: [Declude.JunkMail] OT: DNS attacks
, August 18, 2005 3:06 PM
Subject: Re: [Declude.JunkMail] OT: DNS attacks
Hi Greg,
Are they
querying info about domain names you're hosting or are these requests for
completely other domains and your server does the lookup and reports the
result to the client?
The second case