nameservers open to world - with test output
It has recently came to my attention that anyone can use our company's nameservers.
I recently setup my home machine to use the company's nameserver to confirm this.
I was wondering if there was anyway to prevent people from using our company's NS for their personal servers ?
Would the extra traffic generated cause any problems on our network that I may not be aware of ?
------------------------------------------------
Test Confirmation that our NS is open to world: |
------------------------------------------------
-----------------------
Step one: lookup name |
-----------------------
mylinux machine$ whois ourdomain.com
Whois Server Version 1.3
Domain names in the .com, .net, and .org domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
Domain Name: ournameserver.com
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: NS1.ournameserver.net
Name Server: NS2.ournameserver.net
Updated Date: 27-oct-2001
----------------------------------------------------
Step two: change /etc/resolv.conf to the following |
----------------------------------------------------
search ournameserver.com
nameserver 123.123.123.123 # nameserver1
nameserver 123.123.123.134 # nameserver2
-------------------------
Step three: sample run |
-------------------------
mylinux machine$ nslookup www.debian.org
Server: ournameserver.com
Address: 123.123.123.123
Non-authoritative answer:
Name: www.debian.org
Address: 198.186.203.20
mylinux machine$
----------------------
GNU PGP public key
http://www.annapolislinux.org/docs/public_key/GnuPG.txt
---------------------
Ted Knab
Reply to: