| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: aditya.deshmukh at online.gateway.technolabs.net (ALD, [ Aditya Lalit Deshmukh ]) Subject: Question for DNS pros > I can think of two possibilities: > 1) At some time in the past, a host *was* serving DNS at that address and > some "foreign" hosts have cached the address. i think your isp should have this info > 2) Someone somewhere has registered a domain and used our IP address for > one of their "nameservers" in the registration. then his domain is toast anyway as there is not dns server so effectively his domain is offline, this will be corrected soon if this is the case. > (If anyone can think of other explanations, please let me know.) > > The best suggestion yet has been to set up a name server at that address > with verbose logging. That's probably what I will do next week. 1. just block of port 53 / udp for that address at the firewall 2. run a dns server that replies to all the quries with localhost or 127.0.0.1 after you have found what is causing this 3. set the refresh time, TTL and other values to -1 this should solve most of the problems as the clients would simply stop querying -aditya ?????????????????????????????????????????????????????? ?b???v?"?.axZ?x??????Gb?*'??.?[kj???.?j)m???r??
Powered by blists - more mailing lists