Installing PowerDNS Recursor

PowerDNS Recursor is a resolving DNS server, that runs as a separate process. The authoritative pdns_server can be configured to proxy recursive queries to the recursor, and optionally overlay authoritative zone data. The Recursor is used by several of the largest Internet providers of the world, including AOL, Shaw Cable and Neuf Cegetel. 1. Install […]

En Lire Plus

Use iptables to block some DNS queries

Use python script to get Hex Dump of a DNS query $ python >>> import binascii >>> def dns_hex(hex): … a = [binascii.hexlify(i) for i in hex.split(« . »)] … print « 06 ».join(a[0:-3])+ »07″.join(a[-3:-1])+ »02″+a[-1] … >>> dns_hex(« attack.attack.attack ») 61747461636b0761747461636b0261747461636b Here we are going to use the dump in the iptable rule Create the iptable rule $ sudo iptables -I INPUT […]

En Lire Plus

How Do I Update The Root Hints Data File for BIND Named Server?

Use wget command to retrieve file and store to /etc/bind/db.root (Debian / Ubuntu Linux), enter: # wget –user=ftp –password=ftp ftp://ftp.rs.internic.net/domain/db.cache -O /etc/bind/db.root Under Red Hat / CentOS / Fedora Linux, default location is /var/named/named.root, enter: # wget –user=ftp –password=ftp ftp://ftp.rs.internic.net/domain/db.cache -O /var/named/named.root Reload rndc to update information, enter: # rndc reload Another option is run […]

En Lire Plus

Install Caching-Only DNS server on CentOS 5.x

Install the BIND software # yum -y install bind # yum -y install caching-nameserver * Configure # cd /var/named/chroot/etc/ # ls -la total 48 drwxr-x— 2 root named 4096 Apr 29 03:06 . drwxr-x— 5 root named 4096 Feb 23 06:35 .. -rw-r–r– 1 root root  3519 Feb 27  2006 localtime -rw-r—– 1 root named […]

En Lire Plus

How To Setup Vanity DNS Name Server Using BIND 9

I’ve nameserver like ns1.example.com and ns2.example.com. I’d like to provide Vanity DNS for each domain such as ns1.yourdomain.com and ns2.yourdomain.com. Basically, my users should able to call my dns server as their own servers. This will create the illusion that my user run their own name servers. How do I setup vanity DNS using BIND […]

En Lire Plus

How to block DNS Amplification Attack isc.org any attack

I’ve been seeing the DNS ANY attack against my DNS servers. I’m using PDNS but this should work with BIND or any DNS server. My DNS servers are not recursive, but they are attacking me anyway. I guess I’m the DDOS amplifier. If you think the same thing is happening to you you can detect […]

En Lire Plus

How To Clear DNS Cache In Mac OSX Leopard

DNS request are usually cached, that’s good as it help to speeds up the lookups within the same host but sometimes we will want to clear the cache so it don’t hold the values that are no longer valid. To clear DNS cache in Mac OSX, we can do it with the help of Terminal. Mac OSX 10.4 […]

En Lire Plus

Install dnssd gem on ubuntu

If you got following error during dnssd installationchecking for dns_sd.h… nounable to find dnssd header*** extconf.rb failed *** then you have to install few libraries:sudo aptitude install libavahi-compat-libdnssd-dev

En Lire Plus