That is what I exactly did and noticed that packets are received on bind
and bind is directly forwarding.
See my first email that has packet captures
On Sun, Nov 17, 2024, 18:17 Lee wrote:
> On Sun, Nov 17, 2024 at 1:28 AM Blason R wrote:
> >
> > Nah even that didn'
Agree but response for app.hubspot.com. is getting modified and I see issue
with only this domain.
On Sun, Nov 17, 2024, 12:01 Mark Andrews wrote:
> RPZ stands for RESPONSE POLICY ZONE. It does NOT block queries. It
> modifies replies.
> --
> Mark Andrews
>
> On 17 Nov 2024,
Nah even that didn't work.
If I directly query to bind it blocks or wall garden the request but if I
send it through windows AD or any other server bind just forwards the
request to forwarders.
On Sat, Nov 16, 2024, 23:55 Lee wrote:
> Hi
>
> On Fri, Nov 15, 2024 at 10:24 PM
Where is that exactly to be added? I added in response-policy
statement then I tried adding in options stanza but rndc fails
every time.
On Fri, Nov 15, 2024 at 6:35 PM Blason R wrote:
>
> Hmmm - Ok let me try doing that. Thanks for letting me know
>
> On Fri, Nov 15, 2024 at 3:43 P
Hmmm - Ok let me try doing that. Thanks for letting me know
On Fri, Nov 15, 2024 at 3:43 PM Lee wrote:
>
> On Thu, Nov 14, 2024 at 1:48 AM Blason R wrote:
> >
> > Hello Team,
> >
> > I am encountering an unusual problem. I am using BIND version BIND
> > 9.18
app.hubspot.com CNAME .
On Fri, Nov 15, 2024 at 7:42 AM Nick Tait via bind-users
wrote:
>
> On 14/11/2024 7:48 pm, Blason R wrote:
> > And here is zone file
> >
> > $TTL 180
> > @ IN SOA ns1.custom.block. ns1.custom.block.
> >
That's my nginx load balancer ip. Surprisingly this happens only with this
domain.
On Thu, Nov 14, 2024, 17:30 Peter Davies wrote:
> Hi Blason,
> Your configuration looks correct, though BIND will try to resolve the
> "wg.custom.block"
> through your forwarders.
>
> What reply do you get from
Hello Team,
I am encountering an unusual problem. I am using BIND version BIND
9.18.19-1+ubuntu22.04.1+isc+1-Ubuntu and have configured BIND RPZ. My
objective is to block access to app.hubspot.com, for which I have
established a zone.
response-policy {
zone "custom.block";
...
..
}
zone "custom.
"gov.in" and
> there were some recent problems with "gov" as well.
> Please search this mailing list archive for those domains and you may find
> some useful hints, tips and information that explain and help you with your
> own problem.
>
> Cheers, Greg
>
>
do I debug any queries.
On Tue, Dec 12, 2023, 00:28 Marco Moock wrote:
> Am 11.12.2023 um 23:37:36 Uhr schrieb Blason R:
>
> > I require assistance in troubleshooting the resolution issue for
> > specific domains that are not being resolved properly. The version of
> > B
Hi Guys,
I require assistance in troubleshooting the resolution issue for specific
domains that are not being resolved properly. The version of BIND I am
currently using is BIND 9.18.20-1.
TIA
Blason R
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
does, then you know the issue is with how DNSSEC is configured on
> your server.
>
>
>
> John
>
>
>
> *From:* bind-users [mailto:bind-users-boun...@lists.isc.org
> ] *On Behalf Of *Blason R
> *Sent:* Wednesday, August 30, 2023 8:20 AM
> *To:* bind-users
> *Subject:* Fac
Hi all,
I have bind BIND 9.18.17-1+ubuntu22.04.1+isc+1-Ubuntu (Extended Support
Version)
And I am facing this weird issue. Somehow eportal.incometax.gov.in site is
not getting resolved through DNS.
I tried a lot but unfortunately the issue still persists.
Here are packet capture logs.
listening
Hi,
Keen to know if rndc addzone functionality can be used to add zones in bind
serving response-policy? If so then what would be my view? Do I need to
define my view to make it work?
I tried this and it's failing hence wondering if rndc can be used to add
zone or delete zone on the fly?
Here is
ordinary user does not want to configure BIND. Some smart
> installer might be enough.
>
> Regards,
> Petr
>
> On 5/11/20 6:14 AM, Blason R wrote:
> > Hi Folks,
> >
> > I am seeking solution for our below problem and wanted to know if any
> open
> > sou
nts on Win - create
> policies.
>
> BR,
> Vadim
>
> On May 10, 2020, at 23:52, Blason R wrote:
>
> That's a nice starting point -
>
> https://www.nginx.com/blog/using-nginx-as-dot-doh-gateway/
>
> But still looking for any client utility so that users can not shutdo
That's a nice starting point -
https://www.nginx.com/blog/using-nginx-as-dot-doh-gateway/
But still looking for any client utility so that users can not shutdown or
can not suspend the service
On Mon, May 11, 2020 at 12:18 PM Blason R wrote:
> Hmm- Any docs on configuring DOH Proxy?
>
Hmm- Any docs on configuring DOH Proxy?
On Mon, May 11, 2020 at 11:56 AM Daniel Stirnimann <
daniel.stirnim...@switch.ch> wrote:
>
>
> On 11.05.20 08:18, Vadim Pavlov via bind-users wrote:
> > The main issue that bind does’t provide an authentication method. So in
> > any case you somehow should
um 06:14 schrieb Blason R:
> > I am seeking solution for our below problem and wanted to know if any
> > open source option can help us here?
> > We have our internal DNS RPZ firewall built on BIND9. Due to the current
> > situation since all users are working from home w
ption?
Thanks & Regards
Blason R
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
servers can be created even behind legit (but
> compromised) websites.
>
> Vadim
>
> On Oct 2, 2019, at 10:04, Blason R wrote:
>
> Block 443? Not even possible since most of the portals/web servers nowadays
> work on TCP/443
>
> On Wed, Oct 2, 2019 at 6:57 PM
Block 443? Not even possible since most of the portals/web servers nowadays
work on TCP/443
On Wed, Oct 2, 2019 at 6:57 PM Alan Clegg wrote:
> On 10/2/19 8:00 AM, Blason R wrote:
> > Hmm that is a good idea to block the DOH queries but what I understood
> > is blocking on
the
> web browser is configured to use "normal" DNS to lookup the DoH
> endpoint. See also:
>
> https://github.com/bambenek/block-doh
>
> Daniel
>
> On 02.10.19 13:23, Blason R wrote:
> > Hi Folks,
> >
> > Wondering if anyone has any clue or de
Hi Folks,
Wondering if anyone has any clue or defining policies for blocking DoH [DNS
Over HTTPS] traffic using bind RPZ feature?
Does anyone have any use case about it?
Thanks and Regards,
Blason R
Well there are other cheaper Solutions are available like from Array
network or peplink they can offer DNS sub domain delegation of GSLB.
But I really doubt if any such OSS can do the similar job.
On Thu, 12 Sep 2019, 21:10 Roberto Carna, wrote:
> Hi people, is it possible to setup BIND in orde
I guess you need to DNS Sub-domain delegation.
On Wed, Jun 5, 2019 at 8:51 PM Kevin Darcy wrote:
> Publish all 3 NSes.
>
> Publish MX records with primary/failover preferencing.
>
> Use a load-balancer (free or commercial, software/hardware/cloud-based) to
> direct the web traffic.
>
>
Yep that's what I wanted so I was right and couple of records are above 254
hence my zone is failing.
On Wed, Jun 5, 2019 at 4:37 PM Tony Finch wrote:
> Blason R wrote:
>
> > As soon as I find the longs URLs with more than 150 words and remove it.
> It
> > start perfectly
remove it. It
start perfectly
Though 150 is I considered and even tried with 200 and it worked. So
wondering what is the limit?
Thanks and Regards,
Blason R
domain even if I enable this
protection on BIND not sure if that would take effect?
Thanks and Regards,
Blason R
On Mon, Jan 28, 2019 at 4:05 PM Tony Finch wrote:
> Blason R wrote:
> >
> > Can someone guide me on prevention and possible configuration in BIND
> from
> > DNS
Hi Team,
Can someone guide me on prevention and possible configuration in BIND from
DNS Re-bind attack?
Thanks and Regards,
Blason R
Its there!!!
On Mon, Aug 13, 2018 at 6:58 PM Bob Harold wrote:
>
>
> --
> Bob Harold
> hostmaster, UMnet, ITcom
> Information and Technology Services (ITS)
> rharo...@umich.edu
> 734-647-6524 desk
>
>
> On Sun, Aug 12, 2018 at 2:38 AM Blason R wrote:
>
>
to 192.168.3.78.
PS: I guess there are certain folks are on list from commercial RPZ
services, are they facing same issue?
On Sun, Aug 12, 2018 at 10:12 AM Bob Harold wrote:
>
> On Fri, Aug 10, 2018 at 10:53 PM Blason R wrote:
>
>> Infact what I observed that the intermediate
a.gtld-servers.net. nstld.verisign-grs.com. 1533954938 1800 900 604800 86400*
;; Query time: 0 msec
;; SERVER: 192.168.3.15#53(192.168.3.15)
;; WHEN: Sat Aug 11 08:12:17 IST 2018
;; MSG SIZE rcvd: 114
On Sat, Aug 11, 2018 at 7:57 A
Ok - Now I added like this and it disappeared.
response-policy { zone "whitelist.allow" policy passthru;
zone "malware.trap";
zone "ransomwareips.block"; } qname-wait-recurse no
break-dnssec no;
On Sat, Au
zone "malware.trap";
zone "ransomwareips.block"; } qname-wait-recurse no
break-dnssec no; };
On Sat, Aug 11, 2018 at 1:17 AM Carl Byington wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On Fri, 2018-08-10 at 13:17 +0530, Blason R wrote:
>
n't know whether
> your RPZ configuration is supposed to change that.
>
> Sam
>
>
> > On 9 Aug 2018, at 18:25, Blason R wrote:
> >
> > Is it a bug?? I mean certain domains from my rpz feeds are properly
> getting resolved while few are giving nxdomain though
can
provide the logs and config.
Or if someone has a similar setup can try simulating at their end and
confirm, plz?
On Fri, Aug 10, 2018 at 1:17 PM Blason R wrote:
> Nah I don't think that is the answer since you need a termination after
> clause.
>
>
> Thanks and Regards,
>
zone "malware.trap";
> zone "ransomwareips.block";
> } qname-wait-recurse no break-dnssec no;
>
> Vadim
>
> On 09 Aug 2018, at 20:50, Blason R wrote:
>
> This is the error I am getting
>
> /etc/bind/named.conf.options:24: expected
This is the error I am getting
/etc/bind/named.conf.options:24: expected 'zone' near 'qname-wait-recurse'
On Fri, Aug 10, 2018 at 9:10 AM Blason R wrote:
> Hi there,
>
> Where it should appear? ARM says it should appear in Global-section of
> response-policy
"ransomwareips.block";
};
qname-wait-recurse no;
break-dnssec no;
On Fri, Aug 10, 2018 at 8:09 AM Blason R wrote:
> Well mine is bit different. I have RPZ and almost 40+ RPZ entries wall
> gardened. And in my scenario users are talking to windows based
server are
not at all getting resolved. When I captured packets on BIND/RPZ server I
see that those domains are getting NXdomain by RPZ and not sure why.
Thanks and Regards,
Lionel F
On Thu, Aug 9, 2018 at 11:08 PM Bob Harold wrote:
>
> On Thu, Aug 9, 2018 at 9:31 AM Blason R
Well this is valid when users are directly talking to RPZ servers. What if
there is one more resolver in between like Active Directory which itself
acts as a DNS server? In that case I believe you don't need to do that,
right?
On Fri, Aug 10, 2018 at 12:33 AM Grant Taylor via bind-users <
bind-use
Is it a bug?? I mean certain domains from my rpz feeds are properly getting
resolved while few are giving nxdomain though they appear in zone.
On Thu, Aug 9, 2018, 8:57 PM Sam Wilson wrote:
> On 2018-08-09 14:00:55 +0000, Blason R said:
>
> > For example this one.
> >
>
For example this one.
18:59:26.905177 IP 192.168.1.120.65049 > 192.168.1.42.53: 42074+ A?
0351dag.com. (29)
18:59:26.905299 IP 192.168.1.42.53 > 192.168.1.120.65049: 42074 NXDomain
0/1/0 (102)
On Thu, Aug 9, 2018 at 6:59 PM Blason R wrote:
> Hi Bind-Users,
>
> I would reall
Hi Bind-Users,
I would really appreciate if someone can help me understanding my issue
with BIND RPZ server?
I have one windows server say 192.168.1.42 and then RPZ server with
192.168.1.179. I noticed that there are certain domains which are not
getting resolved from end users.
Ideally since th
n Wed, Aug 8, 2018 at 10:26 PM Matus UHLAR - fantomas
wrote:
> On 08.08.18 19:32, Blason R wrote:
> >I am bit confused about DNS forwarders. I have two BIND Servers one is
> >being used as Authoritative DNS server which has forwarder set
>
> why?
>
> > to other
Hi there,
I am bit confused about DNS forwarders. I have two BIND Servers one is
being used as Authoritative DNS server which has forwarder set to other
server like this
Auth Server for xvyz.com 192.168.3.15
Recursive Server 192.168.3.44
Now if I am debugging from client side using -debug optio
Well I was working on the same but you really need to have good RPZ feeds.
I subscribed to third party feeds and have worked on my RPZ but later you
need to have good reporting engine. Hence better to have a dedicated RPZ
server instead and that's what I could suggest.
This is not marketing talk b
Hi there,
I have little confusion about bind and Windows AD/DNS Setup and would
appreciate if someone can shed some light on my query.
Well, I have BIND/RPZ setup in my environment and I have AD/DNS server,
users are configured to talk to Windows DNS server and it has forwarder set
to my BIND/RPZ
.
Even after zone refresh time it always shows 1 record transferred in fact
some time I even add added or deleted more than 1 records. Hence finally I
deleted the file from slave
and restarted the daemon and it done the trick.
On Sat, Jul 7, 2018 at 9:30 PM Matus UHLAR - fantomas
wrote:
> On 0
Well after numerous try I could not succeed hence then I had to delete the
block.now.db file and had to restart the service
it then done the AXFR and later IXFR started as well.
On Sat, Jul 7, 2018 at 9:55 AM Blason R wrote:
> Well, I just tried transferring zone using dig and it was success
2018 09:53:11.521 client xx.xx.xx.xx#16129 (immediate.block):
transfer of 'block.now/IN': AXFR ended
On Sat, Jul 7, 2018 at 9:07 AM Blason R wrote:
> Yes Anand is right; I didn't disclose the full config at Slave but it's been
> configured to listen on port 15455 and that UDP p
Yes Anand is right; I didn't disclose the full config at Slave but it's been
configured to listen on port 15455 and that UDP port is listening and I can
connect to that port using nc.
It was in fact working absolutely fine but suddenly it stopped.
@Anand - can you confirm what command should I run
Hi Team,
Any clue how do I troubleshoot why master to Slave IXFR/AXFR stopped? It
was working before even my logs shows notifies..I can connect to my slave
on customised port that NOTIFY messages are sent but then PULL from slave
to master is not working.
Master
zone "block.now" {
type ma
; But this:
>
>
>
> logging {
>
> channel ns_log {
>
> file "/var/log/named/named.log";
>
> severity dynamic;
>
> print-time yes;
>
> print-severity yes;
>
> print-ca
What exactly are those? Well what I wanted to achieve here is to rotate the
logs daily and start new file; then compress
On Thu, Jul 5, 2018 at 6:21 AM Rohan Henry wrote:
> Why not use Bind logging option?
>
> On Jul 4, 2018 8:51 AM, "Blason R" wrote:
>
>> Hi T
Hi There,
I am not getting appropriate results for my custom daily logrotate for
bind9 logs on Ubuntu.
Can someone please help me with the settings which would include below
stuff
1. Should rotate daily
2. Compress
3. create new file
4. keep last 180 entries
Do I need stop bind9
Excellent..Thanks!
On Fri, Jun 29, 2018 at 10:52 PM wrote:
> From: "Blason R"
>
> > OK - Got it so is there any settings available at master by which it
> > will keep on probing slave and as soon it is contacted NOTIFY Message is
> sent.
>
> No. The sla
(716) 821-7285
>
> "bind-users" wrote on 06/29/2018
> 12:53:07 PM:
>
> > From: "Blason R"
>
> > I have bind Master server with me and slave is at other remote
> > location. My query is since I have opted for PUSH update from master
> > to s
Hi There,
I have bind Master server with me and slave is at other remote location. My
query is since I have opted for PUSH update from master to slave over
random port.
What if the link at slave is down and NOTIFY message is not reached? When
will slave then pull the update?
Let's take an example
Excellent Inputs guys and thanks a ton for your feedbacks. RPS is quite
interesting and which one is commercial offering for the same?
On Sun, Jun 17, 2018 at 10:56 PM Grant Taylor via bind-users <
bind-users@lists.isc.org> wrote:
> On 06/17/2018 11:18 AM, Vadim Pavlov via bind-users wrote:
> > J
Hi Team,
Can someone please guide if DNS exfiltration techniques can be identified
using DNS RPZ? Or do I need to install any other third party tool like IDS
to identify the the DNS beacon channels.
Has anyone used DNS RPZ to block/detect data exfiltration?
Thanks!
Any particular use case or configuration you would like to suggest?
On Sun, Jun 10, 2018 at 10:25 AM Vadim Pavlov wrote:
> Hi Blason,
>
> You can use MaxMind GeoIP DB and enrich logs with data you need.
>
> Vadim
> > On 09 Jun 2018, at 17:33, Blason R wr
Hi There,
I have DNS RPZ server running and have configured logstash on the same to
parse the DNS RPZ logs.
My requirement is I need to build Geo Map basis on the DNS responses; Any
idea how can that be achieved? Or need to know the requests made from which
country and any other idea community c
Yes that was the issue :) and got resolved.
On Fri, Jun 1, 2018 at 11:29 PM, Blason R wrote:
> I guess this could be the issue
>
> zone "malware.trap" {
> type master;
> file "/var/lib/bind/zones/malware.trap.db";
> allow-query { loc
I guess this could be the issue
zone "malware.trap" {
type master;
file "/var/lib/bind/zones/malware.trap.db";
allow-query { localhost;};
On Fri, Jun 1, 2018 at 11:28 PM, Blason R wrote:
> Well this is I am getting in network.log what could b
Well this is I am getting in network.log what could be the issue?
01-Jun-2018 23:27:42.274 client 192.168.5.103#58425 (wg.block.tld): query
'wg.block.tld/A/IN' denied
On Fri, Jun 1, 2018 at 11:27 PM, Bob Harold wrote:
>
> On Fri, Jun 1, 2018 at 1:36 PM Blason R wrote:
>
Hi there,
I am writing a RPZ zone and here is my zone file. RPZ is working fine but
somehow A records are not getting resolved hence I am unable to do the
wall-gardening.
Can someone please help
$TTL 3h
@ IN SOA ns1.malware.trap. admin.malware.trap.(
, May 23, 2018 at 8:43 PM, Chris Buxton
wrote:
> On May 22, 2018, at 7:35 PM, Blason R wrote:
>
> > Wondering if anyone have a working How-To guide for implementing
> nsupdate with RPZ? I mean do we need to configure any specific settings in
> zone of Options?
>
> A respon
Hey,
Thanks a lot for your crisp and short answer!!
On Wed, May 23, 2018 at 6:31 PM, Matthew Pounsett
wrote:
>
>
> On 23 May 2018 at 07:37, Blason R wrote:
>
>> Hi Guys,
>>
>> Can we define masters as hostname instead of IP address? I guess it's not
>> pos
Hi Guys,
Can we define masters as hostname instead of IP address? I guess it's not
possible but wondering if community can shed some light on this?
zone "test.update" {
type slave;
masters { cloud.dns.net; };
file "/var/lib/bind/test.update.db";
allow-notify { cloud
Hi Team,
Wondering if anyone have a working How-To guide for implementing nsupdate
with RPZ? I mean do we need to configure any specific settings in zone of
Options?
Please advise
TIA
Okies so zone xfer would happen on TCP/53 correct and notify would be sent
on udp/53?
On Fri, May 18, 2018, 7:31 PM Matus UHLAR - fantomas
wrote:
> >> On 17.05.18 23:00, Blason R wrote:
> >>> So here I am sending notification to 192.168.5.49 on port 4545; my
why? is there any logic in this?
yeah management does not want to allow direct syncing with master as they
don't want to expose any info to them.
On Fri, May 18, 2018 at 7:32 PM, Matus UHLAR - fantomas
wrote:
> On 18.05.18 19:29, Blason R wrote:
>
>> I have this other query on RPZ
Hi Guys,
I have this other query on RPZ; I have one master server [lets say
masterns.test.com.] on cloud. One slave [slavens.test.com] in my
organization and our partner would also want to sync with slave but not
with master server.
How can one slave can sync with other slave? Can someone please
Nah that is not my query; instead I wanted updates to be sent on other
port and not TCP/53. Queries let it happen on UDP 53
On Fri, May 18, 2018 at 3:02 PM, Matus UHLAR - fantomas
wrote:
> On 17.05.18 23:00, Blason R wrote:
>
>> I have RPZ installed on server and it's acting as a m
That's correct, that worked for me and checking further now.
On Fri, May 18, 2018 at 1:23 PM, Warren Kumari wrote:
> On Fri, May 18, 2018 at 9:41 AM Blason R wrote:
>
> > Hi there,
>
> > Thanks for the update and here is my config and error I am getting. Can
> you pleas
e: Control process exited,
code=exited status=1
On Fri, May 18, 2018 at 12:08 AM, Matthew Pounsett
wrote:
>
>
> On 17 May 2018 at 13:30, Blason R wrote:
>
>> Hi,
>>
>> I have RPZ installed on server and it's acting as a master server but
>> somehow port se
Hi,
I have RPZ installed on server and it's acting as a master server but
somehow port setting is not working on master
## Master Server configuration
response-policy { zone "malware.trap"; };
zone "malware.trap" {
type master;
file "/var/lib/bind/malware.trap.db";
notify explicit;
also-
s://ftp.isc.org/isc/bind9/9.12.1/doc/arm/Bv9ARM.ch05.html
>
> Regards,
> Anand
>
> On 06/05/2018 18:15, Blason R wrote:
>
> > This needs to be configured on Master or slave or both?
> >
> > On Sun, May 6, 2018 at 2:29 AM, Grant Taylor via bind-users <
> > bi
This needs to be configured on Master or slave or both?
On Sun, May 6, 2018 at 2:29 AM, Grant Taylor via bind-users <
bind-users@lists.isc.org> wrote:
> On 05/05/2018 11:35 AM, Blason R wrote:
> > BTW on the slave dumped zones are not in a readable format I believe
> > those
, /dev/rob0 wrote:
> On Sat, May 05, 2018 at 03:52:16PM +0530, Blason R wrote:
> > Since I am building Master/slave RPZ for my organization I do have
> > couple of queries.
> >
> >
> >1. My ixfr is not working as soon as I remove the statement it
> >wo
Absolutely that is TCP/53 required for Zone Xfer right?
On Sat, May 5, 2018 at 10:34 PM, Matus UHLAR - fantomas
wrote:
> On 05.05.18 09:52, Blason R wrote:
>
>> OK So wondering if I have master in cloud wanted to know which port should
>> I open for slave which is behind corp
Hi Team,
Since I am building Master/slave RPZ for my organization I do have couple
of queries.
1. My ixfr is not working as soon as I remove the statement it works fine
2. Do I need to create files at secondary server? or will those be
created automatically?
3. I guess I always need
OK So wondering if I have master in cloud wanted to know which port should
I open for slave which is behind corporate firewall and if I set as below
then my slaves will start listening on port 2034? I am bit confused on port
numbers for NOTIFY messages and NOTIFY-UPDATED [i.e. AXFR/IXFR]
also-noti
rvers for a given zone.
>
> Also notify pertains to the notification of name servers not included in
> zone data.
>
> Kind Regards Peter
>
> On 04/05/2018 05:51, Blason R wrote:
>
> Hi,
>
> So I was playing with these two statements and wanted to know something o
Hi,
So I was playing with these two statements and wanted to know something on
also-notify.
also-notify by default will update slaves about delta changes on port
TCP/53 if not explicitly set right?
e.g.
also-notify {10.0.1.2; "notify-them" port 2034;};
Again unicast could be any IP address or normal IP address given on server?
There is no such specification like multicast
On Thu, May 3, 2018 at 7:46 PM, Blason R wrote:
> Thanks I got it, Below link helped me understand.
>
> https://deepthought.isc.org/article/AA-00518/0/
PM, Blason R wrote:
> Hi there,
>
> Can someone please guide me on working configuration of Master/Slave zone
> in DNS RPZ for reference?
>
> Is that available with someone? And does it work exactly as master/slave
> like any other zone?
>
Hi there,
Can someone please guide me on working configuration of Master/Slave zone in
DNS RPZ for reference?
Is that available with someone? And does it work exactly as master/slave
like any other zone?
resources hence wondering if natively can we configure anything like that?
On Thu, May 3, 2018 at 12:20 AM, Grant Taylor via bind-users <
bind-users@lists.isc.org> wrote:
> On 05/02/2018 12:23 PM, Blason R wrote:
>
>> I would really appreciate if someone can shed light; if DNS based
Hi,
I would really appreciate if someone can shed light; if DNS based advanced
attacks can be stopped using DNS RPZ? Like DNS beacon channels or Data
Exfiltration through DNS queries.
, Blason R wrote:
> Hi,
>
> I am trying to write a zone for policy-ip-trigger and trying to reverse
> the IP which I have done with below command
>
> cat test | awk -F. '{print $4"."$3"."$2"."$1".rpz-ip"}'
>
> Does any one have
Hi,
I am trying to write a zone for policy-ip-trigger and trying to reverse the
IP which I have done with below command
cat test | awk -F. '{print $4"."$3"."$2"."$1".rpz-ip"}'
Does any one have any other idea?
Also with policy-ip-trigger is it mandatory to provide subnet mask in
reverse manner?
Hi Team,
Just been looking around about using mapping in my DNS RPZ server but didn't
find any relevant documentation. Can someone please help me understanding
mapping in RPZ and how that can be beneficial? performance wise/storage
wise/faster loading of zones?
Yep; thanks that worked!!
On Sun, Apr 29, 2018 at 10:38 AM, Blason R wrote:
> hmm..ok let me try. Since I am also writing parsers in logstash wondering
> what exactly would be the log setting I need to pick up.
>
> On Sun, Apr 29, 2018 at 9:12 AM, Bob Harold wrote:
>
>>
hmm..ok let me try. Since I am also writing parsers in logstash wondering
what exactly would be the log setting I need to pick up.
On Sun, Apr 29, 2018 at 9:12 AM, Bob Harold wrote:
>
> On Sat, Apr 28, 2018 at 11:29 PM, Blason R wrote:
>
>> Hi Folks,
>>
>> I have been
Hi Folks,
I have been struggling with exact RPZ/Bind option/statement which enables
the logging for RPZ and shows if the query matches RPZ zone.
Can someone please help me?
Oh I see.. I thought this a kind of feature of BIND.
I got it now.
On Sun, Apr 29, 2018 at 8:38 AM, Mukund Sivaraman wrote:
> On Sun, Apr 29, 2018 at 08:27:34AM +0530, Blason R wrote:
> > Hi Team,
> > Can someone please confirm if below stuff I found pertaining t
Hi Team,
Can someone please confirm if below stuff I found pertaining to BIND can be
implemented with DNS RPZ? If yes can someone please point me to the
appropriate document?
Domain Based Reputational Data
With the release of BIND 9.8.1 a *new* reputational mechanism is available,
this time for u