[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Question for DNS pros
- To: "Paul Schmehl" <pauls@xxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] Question for DNS pros
- From: "ALD, [ Aditya Lalit Deshmukh ]" <aditya.deshmukh@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 24 Jul 2004 09:39:25 +0530
> I can think of two possibilities:
> 1) At some time in the past, a host *was* serving DNS at that address and
> some "foreign" hosts have cached the address.
i think your isp should have this info
> 2) Someone somewhere has registered a domain and used our IP address for
> one of their "nameservers" in the registration.
then his domain is toast anyway as there is not dns server so effectively his
domain is offline,
this will be corrected soon if this is the case.
> (If anyone can think of other explanations, please let me know.)
>
> The best suggestion yet has been to set up a name server at that address
> with verbose logging. That's probably what I will do next week.
1. just block of port 53 / udp for that address at the firewall
2. run a dns server that replies to all the quries with localhost or 127.0.0.1
after you have found what is causing this
3. set the refresh time, TTL and other values to -1 this should solve most of
the problems as the clients would simply stop querying
-aditya
ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
éb½êÞvë"?�axZÞx÷«²?Ú?Gb¶*'¡ó�?[kj¯ðÃ�æj)mªÿr?ÿ
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html