>> -----Original Message----- >> From: [EMAIL PROTECTED] [mailto:nagios- >> users- >> [EMAIL PROTECTED] On Behalf Of Sean Schertell >> Sent: Friday, August 31, 2007 8:05 PM >> To: Nagios-users@lists.sourceforge.net >> Subject: [Nagios-users] check_dns works fine for half my >> servers,fails > for >> other half >> >> I'm not really a DNS guru, so it's probably an obvious thing -- would >> someone mind enlightening me as to why this happens? How come it >> works fine for the first server but fails for the second? Their >> definitely both running DNS. >> >> [EMAIL PROTECTED] etc]# /usr/local/nagios/libexec/check_dns -H >> microsoft.com -s rosemary.datafly.net >> DNS OK: 0.324 seconds response time. microsoft.com returns >> 207.46.197.32,207.46.232.182|time=0.323644s;;;0.000000 >> >> [EMAIL PROTECTED] etc]# /usr/local/nagios/libexec/check_dns -H >> microsoft.com -s nutmeg.datafly.net >> DNS CRITICAL - '/usr/bin/nslookup -sil' msg parsing exited with no >> address > > nutmeg is returning output from nslookup that check_dns can't > parse. It > would appear that nutmeg isn't configured to perform recursive lookups > (lookups for domains it doesn't host) and you're expecting it to. > > $ nslookup -sil microsoft.com rosemary.datafly.net > Server: rosemary.datafly.net > Address: 64.34.193.57#53 > > Non-authoritative answer: > Name: microsoft.com > Address: 207.46.232.182 > Name: microsoft.com > Address: 207.46.197.32 > > $ nslookup -sil microsoft.com nutmeg.datafly.net > Server: nutmeg.datafly.net > Address: 72.36.130.114#53 > > Non-authoritative answer: > *** Can't find microsoft.com: No answer > > As an aside, you shouldn't be allowing me to perform recursive lookups > with your servers anyway. Rosemary could easily be hijacked to perform > DNS based DOS attacks. > > - > Marc >
So does that mean then that it isn't possible to use the check_dns plugin without enabling recursive lookups and leaving my server open to DNS DOS attacks? Is there any way to use dns_check safely? Thanks :-) Sean :::: DataFly.Net :::: Complete Web Services http://www.datafly.net ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
