know how to create a location zone file to create
customized IP address for malware domain?
Need your valuable help on my query.
Regards
Babu
On Thursday, 2 January 2014 2:03 PM, Steven Carr wrote:
On 2 January 2014 10:47, babu dheen wrote:
> Kindly help me on my requirement.
What
Dear All,
Kindly help me on my requirement.
Regards
Papdheen M
On Sunday, 29 December 2013 12:13 PM, babu dheen wrote:
Thanks Chris. Actually I am using latest version of BIND in RPM format
downloaded from RHN. I just need to configure RPZ with customized blackhole IP
address
:
Babu Dheen,
The stanza you quoted will get you the zone. It appears to be correct syntax.
If you’re using views, put this inside a view; otherwise, put it at the global
level.
It will not create a response policy based on the zone. You have to do that
yourself. Examples are in the BIND v9
Dear All,
My BIND DNS server is authorized to use spamhaus RPZ service and spamhaus
official team requested me to paste below configuration line in
/etc/named.conf file. Since i am new to RPZ and BIND, kindly help me to
enable this feature.
zone "rpz.spamhaus.org" {
type slave;
file "db
Dear All,
My BIND DNS server is authorized to use spamhaus RPZ service and spamhaus
official team requested me to paste below configuration line in /etc/named.conf
file. Since i am new to RPZ and BIND, kindly help me to enable this feature.
zone "rpz.spamhaus.org" {
type slave;
file "dbx
Dear All,
I would like to understand DNSSEC on BIND Recusive DNS server running in RHEL
5.0. Can you please let me know resource or reference to understand the DNSSEC
and implement it?
Regards
Babu___
Please visit https://lists.isc.org/mailman/listin
Dear All,
I would like to integrate BIND DNS with Spamhaus Malware DB feed. But i need
clarity whether Spamhaus offers this feed for free or subscription(cost) based?
Regards
Babu
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to u
Thanks a lot . Now its very clear.
Regards
Babu
On Tuesday, 15 October 2013 6:28 PM, Steven Carr wrote:
On 15 October 2013 15:53, babu dheen wrote:
> If I change the TTL value on the particular zone after modifying a record
> in Redhat Linux BIND Caching DNS server, My Redha
0.13 19:38, babu dheen wrote:
> I am running BIND caching DNS server in Redhat Linux. This DNS server is
>used as name server for other DNS servers which are running in Windows
>2003. Whenever I modify a existing record in BIND DNS caching server zone,
>its not immediately taking affect in
Hi,
I am running BIND caching DNS server in Redhat Linux. This DNS server is used
as name server for other DNS servers which are running in Windows 2003.
Whenever I modify a existing record in BIND DNS caching server zone, its not
immediately taking affect in my Windows DNS servers. But if I
Dear Vernon,
Thanks for your wonderful and detailed reply. I read the update given by you as
below.
>Many stateful firewalls can also record the source and destination
>IP addresses and port numbers of outgoing UDP packets and allow
>subsequent incoming UDP packets with source and destination
Dear Brown,
I am using Stateful firewall from leading vendor company. So let me know why
still my server initiate connection to remote DNS server on non standard
destination port?
Regards
Babu
From: "wbr...@e1b.org"
To: babu dheen
Cc: &
Sent: Monday, 25 March 2013 7:46 PM
Subject: Re: Suspecious DNS traffic
On 26.03.13 00:21, babu dheen wrote:
>Hi Matus,
please, skip personal replies. this is mailing listand issued should be
discussed here.
>Still not convinced because if i need to allow >1024 port from our DNS
&g
ard
port from our DNS server to internet?
Kindly provide some details.
Regards
Babu
From: Matus UHLAR - fantomas
To: bind-users@lists.isc.org
Sent: Monday, 25 March 2013 3:30 PM
Subject: Re: Suspecious DNS traffic
On 25.03.13 16:59, babu dheen wrote:
>
Andrews
To: babu dheen
Cc: "bind-users@lists.isc.org"
Sent: Monday, 25 March 2013 12:33 AM
Subject: Re: Suspecious DNS traffic
In message <1364140396.42023.yahoomail...@web190806.mail.sg3.yahoo.com>, babu d
heen writes:
>
> Dear,
>
> We have Caching DNS s
Dear,
We have Caching DNS server and certain PTR record(reverse entry verification
purpose) only is allowed from internet. But I am observing suspicious DNS
traffic from my BIND caching DNS server towards
67.215.80.15,67.215.80.13,207.192.69.4,67.227.239.85 IP address on destination
port 1033
Dear All,
Thanks alot for helpming to identify the exact problem. Now my problem has
been solved once i chang the source port from 53 to empherial port.
Regards
Babudheen
From: Matus UHLAR - fantomas
To: bind-users@lists.isc.org
Sent: Thursday, 22 March
Dear All,
When i executed #dig www.dubaiairport.com, i am getting bleow response
;<<>> DiG 9.3.4-P1 <<>> www.dubaiairport.com
;; global options: printcmd
;; connection timed out; no servers could be reached
When i checked the firewall logs, as you all confirmed, traffic is leaving
from bot
NS Standard Query A www.dubaiairport.com
Above sniffer logs clearly shows that we are not getting response packet from
www.dubaiairport.com NS.
Regards
Babudheen
From: Anand Buddhdev
To: babu dheen
Cc: Bind Users Mailing List
Sent: Monday, 19 March 20
packet from
www.dubaiairport.com NS.
Regards
Papdheen M
From: Michael Sinatra
To: babu dheen
Cc: Bind Users Mailing List
Sent: Monday, 19 March 2012 11:43 PM
Subject: Re: Name Resolution issue with one domain
On 03/19/12 13:28, babu dheen wrote:
> Dear Support,
Dear Support,
I am trying to resolve www.dubaiairport.com from my GW BIND server as below.
But not getting any output
$ dig A www.dubaiairport.com
; <<>> DiG 9.3.4-P1 <<>> A www.dubaiairport.com
;; global options: printcmd
;; connection timed out; no servers could be reached
Whereas, whe
Dear Lyle,
Yes you are correct. problem with my side. I took care by removing this domain
from sinkhole.
Regards
Babu
--- On Fri, 13/1/12, Lyle Giese wrote:
From: Lyle Giese
Subject: Re: Name resolution issue on one domain
To: bind-users@lists.isc.org
Cc: "babu dheen"
Date:
s3 & ns4, you already got good answer from ns1 and ns2
try:
dig @127.0.0.1 fpdns.googlecode.com
What program is running on 127.0.0.1 udp port 53?
On 01/12/12 12:54, babu dheen wrote:
Dear Lyle,
Below method works fine but when i give again nslookup fpdns.googlecode.com ,
i a
next and that server cached an answer when the problem was
present.
I can think of several things outside your control or your network that can
cause this issue. Route to one of Google's name servers down. Your Internet
connection was full and that traffic was dropped or delayed enough to ti
- fantomas wrote:
From: Matus UHLAR - fantomas
Subject: Re: Name resolution issue on one domain
To: bind-users@lists.isc.org
Date: Thursday, 12 January, 2012, 4:00 PM
On 12.01.12 15:37, babu dheen wrote:
> We have two gateway DNS server running in BIND. One DNS is using one ISP
> li
Dear,
We have two gateway DNS server running in BIND. One DNS is using one ISP link
and another DNS server is using another ISP link.
Today i tried to resolve below URL from one DNS its not working whereas the
same lookup is working fine another DNS.
Non-authoritative answer:
Name: goog
Thanks Fajr.
I will handle it further.
Regards
Babu
--- On Wed, 11/1/12, Fajar A. Nugraha wrote:
From: Fajar A. Nugraha
Subject: Re: huge count of DNS deny hits
To: "babu dheen"
Cc: bind-users@lists.isc.org
Date: Wednesday, 11 January, 2012, 1:59 PM
On Wed, Jan 11, 2012
different DNS
server but DNS flood query is being sent to another DNS server
Regards
Babu
--- On Wed, 11/1/12, Fajar A. Nugraha wrote:
From: Fajar A. Nugraha
Subject: Re: huge count of DNS deny hits
To: "babu dheen"
Cc: bind-users@lists.isc.org
Date: Wednesday, 11 January, 2012
something to do with Malticast DNS. Can you give me more details about
Multicast DNS
Regards
Papdheen M
--- On Mon, 9/1/12, Fajar A. Nugraha wrote:
From: Fajar A. Nugraha
Subject: Re: huge count of DNS deny hits
To: "babu dheen"
Cc: bind-users@lists.isc.org
Date: Monday, 9 January, 2
Dear All,
Can anyone help me how to find bind & microsoft DNS software version using dig
or nslookup command remotely?
Regards
Babu___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing
Any idea ..
Regards
Babu
--- On Mon, 9/1/12, Sebastian Tymków wrote:
From: Sebastian Tymków
Subject: Re: huge count of DNS deny hits
To: "babu dheen"
Date: Monday, 9 January, 2012, 1:39 AM
Hello,
Did you check, what kind of queries your client performed ?
Sometimes I saw on my D
Dear All,
Today we have noticed one peculier issue in our firewall logs. We have internal
DNS server running in bind which is protected by firewall. All clients are
allowed to perform DNS lookup using our BIND internal DNS server( so only UDP
53 is allowed from LAN to DNS server in firewall)
Firewall
To: bind-users@lists.isc.org
Date: Tuesday, 13 December, 2011, 9:12 PM
At 04:46 13-12-2011, babu dheen wrote:
> In what situation, DNS packet size can exceed more than 512 bytes. In fact,
> my gateway
DNS TXT records used for DKIM, for example.
Regard
wrote:
From: Anand Buddhdev
Subject: Re: Suspecious DNS queries dropped by Firewall
To: "babu dheen"
Cc: bind-users@lists.isc.org
Date: Tuesday, 13 December, 2011, 5:39 PM
On 13/12/2011 13:04, babu dheen wrote:
> Hi,
>
> Our company users are using internal DNS servers
Hi,
Our company users are using internal DNS servers for name resolution and
internal DNS servers are configured to forward the DNS query to company gateway
DNS servers for external queries
User --> internal DNS server ---> gateway DNS server ---> internet
But when i look at the fire
;babu dheen"
Cc: bind-users@lists.isc.org
Date: Saturday, 3 December, 2011, 5:26 PM
On 03/12/2011 12:44, babu dheen wrote:
Babu,
> I am maintaining the same configuration on primary server but when i
> execute the same command refering /etc/named.rfc1912.zones file, i am
> not gett
Hello,
I am running slave DNS server using BIND. Today when try to run named-checkconf
file as below , i am getting highlighted error.
Kindly assist me
[root@server]# named-checkconf /etc/named.rfc1912.zones
/etc/named.rfc1912.zones:78: undefined ACL 'redhat'
/etc/named.rfc1912.zones:85:
Hello All,
I am running BIND caching name server in my company and I installed caching
name server RPM package(caching-nameserver-9.3.6-16.P1.el5_7.1) through Redhat
network directly through YUM.
Now i would like to include RPZ(Response Policy Zone) funtionality with BIND
caching server bu
To: "Issam Harrathi"
Cc: "babu dheen" , bind-users@lists.isc.org
Date: Sunday, 20 November, 2011, 8:02 PM
On Sat, Nov 19, 2011 at 03:24:14PM +0100,
Issam Harrathi wrote
a message of 139 lines which said:
> this is an example:
If the OP reads french, I suggest that
<http:/
Hi,
We are new to BIND and would like to implement RPZ in BIND. I have a following
queries with respect to RPZ in BIND.
Please help me on this.
1. Do you have basic example/steps to configure RPZ in Bind? ( I need couple
of examples like /etc/named.conf file and zone files
Dear Support,
Can anyone help me how to enable a seperate log file for NXDOMAIN(Non
exististance) DNS query lookup in BIND?
Regards
Papdheen M___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-use
Yes you are correct. chroot was causing the problem, after creating soft link
to chroot directory, problem solved.
Thanks for your help.
Regards
babu
--- On Sat, 12/11/11, Rick Dicaire wrote:
From: Rick Dicaire
Subject: Re: BIND is not able to read the configuration file
To: "babu
Dear,
I am seeing strange problem on my bind. I have created one configuraiton
file(site_specific_sinkhole.conf) under /var/named/ directory.
Permission for this file is given as below
-rw-r--r-- 1 root named 0 Nov 12 22:00 /var/named/site_specific_sinkhole.conf
I have included this file
Dear All,
We are seeing huge number of malware request going to malware domains
performed by some malware infected clients.
All malware infected clients are trying to reach below URL . We would like to
know how we can block if any dns query come to *.-0-0-0-0-0-0-0-0-0-0.info
domain,
"
Cc: "babu dheen"
Date: Monday, 17 October, 2011, 8:19 PM
On Oct 16 2011, babu dheen wrote:
> Can anyone help me how to setup DNS Sinkhole in BIND on Linux 32 bit edition.
All the replies to this so far seem to assume that he wants to block evil
entities from using his
Hi,
Can anyone help me how to setup DNS Sinkhole in BIND on Linux 32 bit edition.
Regards
babu___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https:/
thanks for your response.
From: Matus UHLAR - fantomas
To: bind-users@lists.isc.org
Sent: Sunday, 18 September 2011 7:50 PM
Subject: Re: Query regarding NS record
On 18.09.11 21:31, babu dheen wrote:
> Once i delegated NS record in my ISP name server to my company name server
&g
n
On 9/16/2011 11:17 AM, babu dheen wrote:
Hi,
> Can anyone let me know how i can resolve the below requirement.
>
>
>Requirement:
>
>We have two offices. One is main office and another one is remote branch
>office. Now my company client requirement is that if main offic
Hi,
I know that this forum is not meant for windows DNS environement. but if you
can let me know some website or guide to add customer NS record in windows DNS
environement, will be much helpful.
Regards
Babu___
Please visit https://lists.isc.org/m
Got your concern. Will change my setting accordingly. Thanks for your advise.
Regards
Babu
From: Kevin Oberman
To: babu dheen
Cc: Florian CROUZAT ; "bind-users@lists.isc.org"
Sent: Saturday, 17 September 2011 9:26 AM
Subject: Re: Query regarding NS record
On Fri, Sep 16, 2011
CROUZAT
wrote:
> babu dheen wrote on 2011-09-16:
>
>> Hi,
>> Can anyone let me know how i can resolve the below requirement.
>>
>> Requirement:
>>
>> We have two offices. One is main office and another one is remote
>> branch office. Now my company
Hi,
Can anyone let me know how i can resolve the below requirement.
Requirement:
We have two offices. One is main office and another one is remote branch
office. Now my company client requirement is that if main office DNS server is
not reachable, all DNS query should be sent to branch
Hi,
Can anyone explain what is DNS tunneling because i am seeing large number of
DNS tunneling attack in IPS from one machine in the LAN.
Regards
Babu___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
Hi,
I have a DNS server running in BIND. I executed to take backup of
configuration and zone files as below and its working fine.
# /bin/tar -pczvf named.tar.gz /etc/ /var/named
--exclude='/var/named/chroot/var/named/data' --exclude='/var/named/chroot/proc'
But what happens is when i execu
Robert you are great. You got it when i required. Thanks for sharing the
informatino. Will go through it and update all.
Keep it up.
Regards
Babu
--- On Tue, 31/5/11, Robert Spangler wrote:
From: Robert Spangler
Subject: Re: Split DNS Configuration in BIND
To: bind-users@lists.isc.org
Dat
wrote:
From: Doug Barton
Subject: Re: Split DNS Configuration in BIND
To: "babu dheen"
Cc: bind-users@lists.isc.org
Date: Tuesday, 31 May, 2011, 12:50 AM
On 05/29/2011 23:17, babu dheen wrote:
> We have DNS record called "mail.company.com" which is hosted in internal
>
want to host authorative DNS server for my
company website(company.com).
Regards
Babu
--- On Mon, 30/5/11, Stephane Bortzmeyer wrote:
From: Stephane Bortzmeyer
Subject: Re: Hosting my company DNS server in Internet
To: "babu dheen"
Cc: "Fajar A. Nugraha" , bind-user
ecific question about BIND, feel
free to ask.
--- On Mon, 30/5/11, Fajar A. Nugraha wrote:
From: Fajar A. Nugraha
Subject: Re: Hosting my company DNS server in Internet
To: "babu dheen"
Cc: bind-users@lists.isc.org
Date: Monday, 30 May, 2011, 3:12 PM
On Mon, May 30, 2011 at 3
y DNS server in Internet
To: bind-users@lists.isc.org
Date: Monday, 30 May, 2011, 12:18 PM
babu dheen wrote:
> Can anyone have any idea as to how we can host our own autherative DNS
> server for my company. For example if my company domain is "mycompany.com,
> we want to maintain our
dly let me know solution for the same.
Regards
Babu
--- On Mon, 30/5/11, Doug Barton wrote:
From: Doug Barton
Subject: Re: Split DNS Configuration in BIND
To: "babu dheen"
Cc: bind-users@lists.isc.org
Date: Monday, 30 May, 2011, 11:15 AM
On 05/29/2011 21:59, babu dheen wrote:
&
Hi,
Can anyone have any idea as to how we can host our own autherative DNS server
for my company. For example if my company domain is "mycompany.com, we want to
maintain our own DNS server so that users across world should contact our DNS
server for name resolution for "mycompany.com" domain
Hi,
Would like to know how to configure split DNS in BIND running in RHEL 5.0
version. Below is our setup and requirement.
" We have a zone called "mycompany.com" . So whenever my company users sitting
in LAN try to access mycompany.com domain in explorer, they should get internal
IP addre
query to ROOT DNS server
To: "babu dheen" , bind-users@lists.isc.org
Date: Tuesday, 26 April, 2011, 9:17 PM
Create RFC 1918 reverse zones for whatever parts of this address space
you're using.
Newer versions of BIND will do this automatically for you -- the zones
are created withou
entry in DNS server
Regards
papdheen M
--- On Tue, 26/4/11, Chris Buxton wrote:
From: Chris Buxton
Subject: Re: continous DNS query to ROOT DNS server
To: "babu dheen" , bind-users@lists.isc.org, "Kevin
Darcy"
Date: Tuesday, 26 April, 2011, 5:52 PM
They're no
@lists.isc.org
Date: Tuesday, 26 April, 2011, 12:32 AM
On 4/25/2011 2:33 PM, babu dheen wrote:
Dears,
I have DHCP server running in Windows Operating System(Windows 2003), i have
configured forwarder towards gateway DNS server(running in redhat).
When i check the firewall hits for DHCP
Dears,
I have DHCP server running in Windows Operating System(Windows 2003), i have
configured forwarder towards gateway DNS server(running in redhat).
When i check the firewall hits for DHCP server i can see, my DHCP server is
sending too many DNS query towards ROOT DNS servers(192.175.48.
Hi,
we have internal domain called sva.com and address record for this sva.com is
pointed to many IP addresses. When i do nslookup, i am getting below output. I
would like to enable the same configuration in bind.
Let us know how this can be acheived.
#nslookup sva.com
Name: sva.com
Hi,
We are using Microsoft AD server as DNS server for our company and we have
configured FORWARDER to ISP DNS server for external domain queries. What we
noticed that our internal DNS server is able to use FORWARDERS all time but
firewall logs shows that internal AD servers is contacting roo
Hi,
Actually i am looking for open source software which can be installed on redhat
linux BIND server to geneerate report from the DNS logs.
Regards
Papdheen M
--- On Sun, 20/3/11, Warren Kumari wrote:
From: Warren Kumari
Subject: Re: Need help on DNS reporter
To: "babu dheen
server is up and running
--- On Sun, 20/3/11, terry wrote:
From: terry
Subject: Re: Need help on DNS reporter
To: "babu dheen"
Cc: bind-users@lists.isc.org
Date: Sunday, 20 March, 2011, 12:42 PM
How will "rndc status" take something good for you?
2011/3/20 babu dheen
Hi,
Hi,
Can anyone let me know is there any open source software available to generate
report for DNS service based on DNS BIND query logs.
We have BIND DNS running RHEL 5.0. Would like to generate report based on its
logs so that we can identify list of clients quering external domains and its
, 17/3/11, Warren Kumari wrote:
From: Warren Kumari
Subject: Re: Need help to know about ROOT DNS query
To: "babu dheen"
Cc: "bind-users@lists.isc.org"
Date: Thursday, 17 March, 2011, 8:50 PM
Nah, that's fine (and normal).
BIND comes configured with the r
Hi,
We have two internal Windows DNS servers which answer all DNS query by
forwarding it to gateway DNS server running in Redhat BIND. But i have a query
regarding allowing ROOT DNS query on internal DNS server.
Can anyone let me know whether company Internal DNS server should respond to
RO
Hi,
Our setup is; We have internal DNS server wherein BIND is configured in RHEL 5
and many internal zones are configured. if Internet connection is down, our
Internal DNS severs are not able to get the DNS query from ISP DNS server.
Because of this, all users are not able to access many crit
Hi,
Can anyone tell me how to enable Arabic domain name query in BIND running
Redhat RHEL 5.
Actually we have many internal domain name zone configured in BIND running in
Redhat 5 OS. Since i am from Middle east, users in my company wants to access
their internal domain name through arab
75 matches
Mail list logo
