Re: [Dnsmasq-discuss] Help in DNS amplification attack

2015-07-16 Thread Albert ARIBAUD
Bonjour @shuToSH, Le Fri, 17 Jul 2015 10:34:11 +0530, "@shuToSH Ch@tURveDI" a écrit : > as per link i shared they mention > > > in step 3 > "To test the vulnerability, we will check your server for a DNS record it > should not have. If a result is returned, then the info was pulled by your > s

[Dnsmasq-discuss] dhcp-range as a set doesn't seem to work for me.

2015-07-16 Thread David Cooper
Hi all, So my question is why does the enclosed config not work? It never seems to activate any of the sets unless I use pxe boot. Here is some background: I have large network. I have 11 subnets that need a dhcp proxy. I have a Network Access Control (NAC) application that has a very limited DH

Re: [Dnsmasq-discuss] IPv6 RA issues when bound to IPv4

2015-07-16 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Dnsmasq needs to advertise the global address, I think. Receiving RAs shouldn't be a problem, dnsmasq binds the correct multicast address. Cheers, Simon. On 16/07/15 16:27, Michal Zatloukal wrote: > Hi all, > > I'm using dnsmasq (2.68-1ubuntu0.1

[Dnsmasq-discuss] IPv6 RA issues when bound to IPv4

2015-07-16 Thread Michal Zatloukal
Hi all, I'm using dnsmasq (2.68-1ubuntu0.1) on a machine where the need to run tftpd-hpa along with dnsmasq's own tftp server has arisen (both on just IPv4). I decided to use the "secondary IP address" feature in Linux networking system to bind tftpd-hpa to the secondary IP address, and set up dns

Re: [Dnsmasq-discuss] Help in DNS amplification attack

2015-07-16 Thread Albert ARIBAUD
Hi again AS, Le Thu, 16 Jul 2015 15:39:56 +0530, "@shuToSH Ch@tURveDI" a écrit : > NO, > > i am using router from LAN i am sending query like (nslookup 1and1.com IP > of LAN), > and dnsmasq listening on LAN, and WAN Internet reachable. > > i am also not sure this is issue or not. Is your dnsm

Re: [Dnsmasq-discuss] Help in DNS amplification attack

2015-07-16 Thread Albert ARIBAUD
Hi AS, Le Thu, 16 Jul 2015 11:40:42 +0530, "@shuToSH Ch@tURveDI" a écrit : > HI, > > using dnsmasq version 2.70, as mention in CHANGELOG that dns amplification > attack has been fixed in this version. > > but when checked this one > > https://help.1and1.com/servers-c37684/parallels-plesk-c377

[Dnsmasq-discuss] Help in DNS amplification attack

2015-07-16 Thread @shuToSH Ch@tURveDI
HI, using dnsmasq version 2.70, as mention in CHANGELOG that dns amplification attack has been fixed in this version. but when checked this one https://help.1and1.com/servers-c37684/parallels-plesk-c37703/troubleshooting-c85156/check-for-the-dns-amplification-attack-vulnerability-a791842.html i