Yes, And I monitor the list of ips it bans. These bans are from our dns
server only.
If I turn off the rule asc with all DNS server bans then the command
functions as normal.
Somewhere in that list there is a misbehaving ip asc with the ability to
resolve from google dns
On 10/28/2016 6:51 PM, Paul Stewart wrote:
Most IDS systems have logs that you could search through and find the look up …
should give you a clue … is that what you’re asking?
On Oct 28, 2016, at 7:28 PM, David Milholen <[email protected]> wrote:
Ok,
I have some happy IDS components that seem to stopping google dns from
completing a lookup to our website.
How can I find out what ips are being blocked from making the trip?
I am not sure a traceroute is going to do it. I dont have an issue getting to
google.
google-dns is having an issue finding our dns.
This is what I get with the commands I run
nslookup wletc.com 8.8.8.8
Server: 8.8.8.8
Address: 8.8.8.8#53
** server can't find wletc.com: SERVFAIL
When I disable the firewall rule that drops the bad IPs this is what I get.
nslookup wletc.com 8.8.8.8
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: wletc.com
Address: 162.212.24.50
What ip addresses are causing the lookup to fail??
--
<Mail Attachment.jpeg>
--
