from:"King, Harold Clyde \(Hal\) via bind\-users"

Re: DNS DDoS protection

2023-02-24 Thread King, Harold Clyde (Hal) via bind-users

I would like to hear the latest configurations for BIND to help with DDoS.


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:10d03447-7c44-45f3-af46-cced14a24d4b]

From: bind-users  on behalf of Marco 

Sent: Friday, February 24, 2023 2:20 PM
To: bind-users@lists.isc.org 
Subject: Re: DNS DDoS protection

Am 24.02.2023 um 13:25:40 Uhr schrieb Bob Harold:

> Before answering this question, can you tell me the proper place
> where I should be asking this question?
>
> "We are researching DDoS protection, including DNS.  What companies or
> products or methods should I be looking at?"

If it is about the proper BIND configuration to avoid DoS, it is the
right place. It isn't the right place to look for companies that
provide such a service.
--
Visit 
https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fbind-users=05%7C01%7Chck%40utk.edu%7C7e22da4bbcb746cb3e2208db169c2a8a%7C515813d9717d45dd9eca9aa19c09d6f9%7C0%7C0%7C638128632210135360%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=kySXDwZ6CPoWCboliXpvuty9N1vlWnMvE2QRgi%2BCnqw%3D=0
 to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at 
https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.isc.org%2Fcontact%2F=05%7C01%7Chck%40utk.edu%7C7e22da4bbcb746cb3e2208db169c2a8a%7C515813d9717d45dd9eca9aa19c09d6f9%7C0%7C0%7C638128632210135360%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=8Ae0GXW%2FtYi322%2F%2FJpgy%2B0vEV3Od1svX%2FA3wnfi1RPw%3D=0
 for more information.


bind-users mailing list
bind-users@lists.isc.org
https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isc.org%2Fmailman%2Flistinfo%2Fbind-users=05%7C01%7Chck%40utk.edu%7C7e22da4bbcb746cb3e2208db169c2a8a%7C515813d9717d45dd9eca9aa19c09d6f9%7C0%7C0%7C638128632210135360%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=kySXDwZ6CPoWCboliXpvuty9N1vlWnMvE2QRgi%2BCnqw%3D=0
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: I need to find statistics on a running server.

2023-01-12 Thread King, Harold Clyde (Hal) via bind-users

Thank you very much. I forgot about rndc stats


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:d47c2196-1345-4deb-b3ea-048bab50a21f]

From: Howard, Christopher 
Sent: Thursday, January 12, 2023 1:42 PM
To: bind-users@lists.isc.org ; King, Harold Clyde 
(Hal) 
Subject: Re: I need to find statistics on a running server.

You can use "rndc stats" to have bind dump a file with stats in it.  This is 
how I get stats from our servers.  I store the values every 2 minutes and 
create a dashboard from that.  Stuff like total queries, total queries from 
ipv4 clients, total queries from ipv6 clients, total A//CNAME/PTR/NXDOMAIN 
requests/answers.  With it stored every 2 minutes it's easy to chart out number 
per second, of course that's averaged out over the 2 minute window.

-Christopher


On Thu, 2023-01-12 at 18:30 +0000, King, Harold Clyde (Hal) via bind-users 
wrote:
That's not bad idea.


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:f2542891-ff64-48e7-b76e-8dcf8558e0d7]

From: Jeff Sumner 
Sent: Thursday, January 12, 2023 1:22 PM
To: King, Harold Clyde (Hal) ; bind-users 

Subject: Re: I need to find statistics on a running server.

You don't often get email from kc4...@gmail.com. Learn why this is 
important<https://aka.ms/LearnAboutSenderIdentification>

I’ve turned on query logging, then grepped for the count of lines logged in a 
particular second.



Worked well enough for the job at the time.



J



De: bind-users  em nome de "King, Harold 
Clyde (Hal) via bind-users" 
Responder A: "King, Harold Clyde (Hal)" 
Data: quinta-feira, 12 de janeiro de 2023 1:20 PM
Para: bind-users 
Assunto: I need to find statistics on a running server.



I need to find some answers like queries per second.  Any fast ideas folks?

--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599

[cid:ddc53916-50a2-4e86-8dac-18eabfd73205]

-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list ISC funds the development of this software with paid support 
subscriptions. Contact us at https://www.isc.org/contact/ for more information. 
bind-users mailing list bind-users@lists.isc.org 
https://lists.isc.org/mailman/listinfo/bind-users
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: I need to find statistics on a running server.

2023-01-12 Thread King, Harold Clyde (Hal) via bind-users

That's not bad idea.


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:f2542891-ff64-48e7-b76e-8dcf8558e0d7]

From: Jeff Sumner 
Sent: Thursday, January 12, 2023 1:22 PM
To: King, Harold Clyde (Hal) ; bind-users 

Subject: Re: I need to find statistics on a running server.

You don't often get email from kc4...@gmail.com. Learn why this is 
important<https://aka.ms/LearnAboutSenderIdentification>

I’ve turned on query logging, then grepped for the count of lines logged in a 
particular second.



Worked well enough for the job at the time.



J



De: bind-users  em nome de "King, Harold 
Clyde (Hal) via bind-users" 
Responder A: "King, Harold Clyde (Hal)" 
Data: quinta-feira, 12 de janeiro de 2023 1:20 PM
Para: bind-users 
Assunto: I need to find statistics on a running server.



I need to find some answers like queries per second.  Any fast ideas folks?

--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599

[cid:ddc53916-50a2-4e86-8dac-18eabfd73205]

-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list ISC funds the development of this software with paid support 
subscriptions. Contact us at https://www.isc.org/contact/ for more information. 
bind-users mailing list bind-users@lists.isc.org 
https://lists.isc.org/mailman/listinfo/bind-users
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

I need to find statistics on a running server.

2023-01-12 Thread King, Harold Clyde (Hal) via bind-users

I need to find some answers like queries per second.  Any fast ideas folks?

--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:ddc53916-50a2-4e86-8dac-18eabfd73205]
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: getting answers from DNS queries

2022-04-25 Thread King, Harold Clyde (Hal) via bind-users

That's fair. I can see queries come into my DNS server, but I can't find 
answers to thoughts queries. I have an RPZ zone and I get a log file that says 
PASSTHROUGH or NXDOMAIN. That tells me that the request was served or denied. I 
want something that will tell me the answer to each query. I have my server set 
to denied requests for recursion. So I know those will be denied, I want that 
for every query. I compile each new release and use that for production. Is 
there something I can set at compile-time? Perhaps I add an option to the 
logging statement? I kinda lost my google-fu on this one and I really am 
thankful to y'all for any help that you might have.

--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:f96c691b-14fb-43c3-81bb-27c0801dd170]

From: Ondřej Surý
Sent: Monday, April 25, 2022 10:37 AM
To: King, Harold Clyde (Hal)
Cc: bind-users
Subject: Re: getting answers from DNS queries

> I asked this last week, but I didn't an answer.

Probably because I still don’t know what you mean. You need to better
articulate your problem and your question.

Ondrej
--
Ondřej Surý (He/Him)
ond...@isc.org

My working hours and your working hours may be different. Please do not feel 
obligated to reply outside your normal working hours.

> On 25. 4. 2022, at 16:11, King, Harold Clyde (Hal) via bind-users 
>  wrote:
>
> I asked this last week, but I didn't an answer. Who can I tell if a DNS query 
> is refused or answered? Is it in the log files? Can a compile-time option 
> help me access it? Sorry to repeat but I really need to know this.
>
> Thank in advance.
>
>
> --
>
> Hal King  - h...@utk.edu
> Systems Administrator
> Office of Information Technology
> Shared Services
>
> The University of Tennessee
> 103c5 Kingston Pike Building
> 2309 Kingston Pk. Knoxville, TN 37996
> Phone: 974-1599
> 
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
> this list
>
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at https://www.isc.org/contact/ for more information.
>
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

getting answers from DNS queries

2022-04-25 Thread King, Harold Clyde (Hal) via bind-users

I asked this last week, but I didn't an answer. Who can I tell if a DNS query 
is refused or answered? Is it in the log files? Can a compile-time option help 
me access it? Sorry to repeat but I really need to know this.

Thank in advance.


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:00350bec-9764-4740-8d61-e8bec49334bc]
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: How can I tell if a quiry is answered or denied

2022-04-20 Thread King, Harold Clyde (Hal) via bind-users

That's not in my version of bind-9.16.23.

Thanks anyway!


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:d0cf86b5-1da2-47ba-9a66-0e3522260ce4]

From: Jeff Sumner 
Sent: Wednesday, April 20, 2022 4:25 PM
To: King, Harold Clyde (Hal) ; bind-users 

Subject: Re: How can I tell if a quiry is answered or denied

You don't often get email from kc4...@gmail.com. Learn why this is 
important





***

You can turn on answer logging:



rndc answerlog







Apologies- I believe the above is likely specific to EIP DNS builds.



J
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

How can I tell if a quiry is answered or denied

2022-04-20 Thread King, Harold Clyde (Hal) via bind-users

I'm trying to find bad actors stretching out my load on my main DNS server I 
can't tell from the query log if a host is denied an answer, or given an 
answer. Also, can I get the answer in my logs? I got one great answer today, 
maybe I'm pushing my luck, but I do feel lucky.


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:fe5c07f5-ef0a-4dd8-a8d0-f22481933b6b]
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Reading secondary PTR files

2022-04-20 Thread King, Harold Clyde (Hal) via bind-users

Thank you that did the trick!


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:7843e9a7-77dc-4edb-92f4-95ba78de367b]

From: Larry Rosenman 
Sent: Wednesday, April 20, 2022 9:56 AM
To: King, Harold Clyde (Hal) 
Cc: bind-users 
Subject: Re: Reading secondary PTR files

You don't often get email from l...@lerctr.org. Learn why this is 
important<http://aka.ms/LearnAboutSenderIdentification>

this is what I use with 9.18.1
named-compilezone -f raw -F text -o - 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa 
0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa.signed


On 04/20/2022 8:42 am, King, Harold Clyde (Hal) via bind-users wrote:

I  need to read the reverse zone in txt and I'm not sure how to decode the file 
with named-compilezone. Does anyone know the part I'm missing?
named-compilezone -f raw -F text -o 
/etc/named/secondary/9.249.192.in-addr.arpa.db 9.249.192 
/etc/named/secondary/9.249.192.in-addr.arpa.db


--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:16504630076260111f6e158884917586@lerctr.org]




--
Larry Rosenman 
http://www.lerctr.org/~ler<https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.lerctr.org%2F~ler=05%7C01%7Chck%40utk.edu%7C6cebeb03aae44b96901908da22d5a086%7C515813d9717d45dd9eca9aa19c09d6f9%7C0%7C0%7C637860598513880738%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C=lstRONgc2LQLeer%2FBMd52bIRmIenyDC0PukWdDamADM%3D=0>
Phone: +1 214-642-9640 E-Mail: 
l...@lerctr.org<mailto:l...@lerctr.org>
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reading secondary PTR files

2022-04-20 Thread King, Harold Clyde (Hal) via bind-users

I  need to read the reverse zone in txt and I'm not sure how to decode the file 
with named-compilezone. Does anyone know the part I'm missing?
named-compilezone -f raw -F text -o 
/etc/named/secondary/9.249.192.in-addr.arpa.db 9.249.192 
/etc/named/secondary/9.249.192.in-addr.arpa.db

--

Hal King  - h...@utk.edu
Systems Administrator
Office of Information Technology
Shared Services

The University of Tennessee
103c5 Kingston Pike Building
2309 Kingston Pk. Knoxville, TN 37996
Phone: 974-1599
[cid:36fbaf98-8bc3-4d0b-8a9a-8eeade380eaa]
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: DNS DDoS protection

Re: I need to find statistics on a running server.

Re: I need to find statistics on a running server.

I need to find statistics on a running server.

Re: getting answers from DNS queries

getting answers from DNS queries

Re: How can I tell if a quiry is answered or denied

How can I tell if a quiry is answered or denied

Re: Reading secondary PTR files

Reading secondary PTR files

10 matches

Site Navigation

Mail list logo

Footer information