Re: nameservers open to world - with test output

To: Thedore Knab <tjk@annapolislinux.org>
Cc: debian-isp@lists.debian.org
Subject: Re: nameservers open to world - with test output
From: Nick Jennings <nick@namodn.com>
Date: Sat, 3 Nov 2001 12:42:20 -0800
Message-id: <[🔎] 20011103124220.A32015@rudy.namodn.com>
In-reply-to: <[🔎] 20011103135634.A14363@annapolislinux.org>; from tjk@annapolislinux.org on Sat, Nov 03, 2001 at 01:56:34PM -0500
References: <[🔎] 20011103135634.A14363@annapolislinux.org>

You could always firewall out port 53 on your external interface.

On Sat, Nov 03, 2001 at 01:56:34PM -0500, Thedore Knab wrote:
> It has recently came to my attention that anyone can use our company's nameservers.
> 
> I recently setup my home machine to use the company's nameserver to confirm this.
> 
> I was wondering if there was anyway to prevent people from using our company's NS for their personal servers ?
> 
> Would the extra traffic generated cause any problems on our network that I may not be aware of ?
> 
> ------------------------------------------------
> Test Confirmation that our NS is open to world: |
> ------------------------------------------------
> 
> -----------------------
> Step one: lookup name |
> -----------------------
> 
> mylinux machine$ whois ourdomain.com
> Whois Server Version 1.3
> 
> Domain names in the .com, .net, and .org domains can now be registered
> with many different competing registrars. Go to http://www.internic.net
> for detailed information.
> 
>  Domain Name: ournameserver.com
>  Registrar: NETWORK SOLUTIONS, INC.
>  Whois Server: whois.networksolutions.com
>  Referral URL: http://www.networksolutions.com
>  Name Server: NS1.ournameserver.net
>  Name Server: NS2.ournameserver.net
>  Updated Date: 27-oct-2001
> 
> ----------------------------------------------------
> Step two: change /etc/resolv.conf to the following |
> ----------------------------------------------------
> 
> search ournameserver.com
> nameserver 123.123.123.123 # nameserver1
> nameserver 123.123.123.134 # nameserver2
> 
> -------------------------
> Step three: sample run  |
> -------------------------
> 
> mylinux machine$ nslookup www.debian.org
> 
> Server: ournameserver.com
> Address: 123.123.123.123
> 
> Non-authoritative answer:
> Name:   www.debian.org
> Address: 198.186.203.20
> 
> mylinux machine$ 
> 
> ----------------------
> GNU PGP public key
> http://www.annapolislinux.org/docs/public_key/GnuPG.txt
> ---------------------
> Ted Knab
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 
> 

-- 
  Nick Jennings

Reply to:

References:
- nameservers open to world - with test output
  - From: Thedore Knab <tjk@annapolislinux.org>

Prev by Date: Re: nameservers open to world - with test output
Next by Date: Re: RAID & Hard disk performance
Previous by thread: Re: nameservers open to world - with test output
Next by thread: RE: nameservers open to world - with test output
Index(es):
- Date
- Thread