http://www.cyberciti.biz/tips This is a Linux sys admin journal by Vivek about sys admin work, Linux tips & tricks, hacks, news and more. Wed, 24 Apr 2013 18:50:55 +0000 en-US hourly 1 http://wordpress.org/?v=3.5.1 http://www.cyberciti.biz/tips/bind-dynamic-update-dos.html http://www.cyberciti.biz/tips/bind-dynamic-update-dos.html#comments Wed, 29 Jul 2009 15:47:12 +0000 nixCraft http://www.cyberciti.biz/tips/?p=5570 BIND 9 is an implementation of the Domain Name System (DNS) protocols. named daemon is an Internet Domain Name Server for UNIX like operating systems. Dynamic update messages may be used to update records in a master zone on a nameserver. When named receives a specially crafted dynamic update message an internal assertion check is triggered which causes named to exit. An attacker which can send DNS requests to a nameserver can cause it to exit, thus creating a Denial of Service situation. configuring named to ignore dynamic updates is NOT sufficient to protect it from this vulnerability. This exploit is public. Please upgrade immediately.]]> http://www.cyberciti.biz/tips/bind-dynamic-update-dos.html/feed 7 http://www.cyberciti.biz/tips/bind-named-set-zone-transfer-ip-address.html http://www.cyberciti.biz/tips/bind-named-set-zone-transfer-ip-address.html#comments Thu, 08 Jan 2009 20:08:01 +0000 nixCraft http://www.cyberciti.biz/tips/?p=4277 I've three nameserver load-balanced (LB) in three geo locations. Each LB has a front end public IP address and two backend IP address (one for BIND and another for zone transfer) are assigned to actual bind 9 server running Linux. So when a zone transfer initiates from slave server, all I get errors. A connection cannot be established, it tries again with the servers main ip or LB2 / LB3 ip. This is a problem because my servers are geo located and load balanced. However, there is a small workaround for this problem.]]> http://www.cyberciti.biz/tips/bind-named-set-zone-transfer-ip-address.html/feed 4 http://www.cyberciti.biz/tips/linux-update-dnsmasq-dnscache-software.html http://www.cyberciti.biz/tips/linux-update-dnsmasq-dnscache-software.html#comments Tue, 12 Aug 2008 06:55:27 +0000 nixCraft http://www.cyberciti.biz/tips/?p=2650 Red Hat has shipped a new version of its dnsmasq caching software to plug source UDP port bug. This could have made DNS spoofing attacks (CVE-2008-1447) easier. Dnsmasq is lightweight ultra fast dns cache server forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. ]]> http://www.cyberciti.biz/tips/linux-update-dnsmasq-dnscache-software.html/feed 0 http://www.cyberciti.biz/tips/windows-verify-dns-cache-posinging-bug.html http://www.cyberciti.biz/tips/windows-verify-dns-cache-posinging-bug.html#comments Thu, 24 Jul 2008 12:00:01 +0000 nixCraft http://www.cyberciti.biz/tips/?p=2491 http://www.cyberciti.biz/tips/windows-verify-dns-cache-posinging-bug.html/feed 1 http://www.cyberciti.biz/tips/bind9-dns-cache-poisoning.html http://www.cyberciti.biz/tips/bind9-dns-cache-poisoning.html#comments Tue, 08 Jul 2008 17:40:13 +0000 nixCraft http://www.cyberciti.biz/tips/?p=2451 http://www.cyberciti.biz/tips/bind9-dns-cache-poisoning.html/feed 5 http://www.cyberciti.biz/tips/freebsd-bind-dns-cache-poisoning.html http://www.cyberciti.biz/tips/freebsd-bind-dns-cache-poisoning.html#comments Sat, 14 Jun 2008 06:03:38 +0000 nixCraft http://www.cyberciti.biz/tips/?p=2460 http://www.cyberciti.biz/tips/freebsd-bind-dns-cache-poisoning.html/feed 0 http://www.cyberciti.biz/tips/caching-nameserver-bug-fix-update.html http://www.cyberciti.biz/tips/caching-nameserver-bug-fix-update.html#comments Sun, 18 May 2008 17:58:24 +0000 nixCraft http://www.cyberciti.biz/tips/?p=2379 http://www.cyberciti.biz/tips/caching-nameserver-bug-fix-update.html/feed 2 http://www.cyberciti.biz/tips/howto-restrict-unauthorized-zone-transfers-dns-bind.html http://www.cyberciti.biz/tips/howto-restrict-unauthorized-zone-transfers-dns-bind.html#comments Fri, 12 Oct 2007 08:08:12 +0000 nixCraft http://www.cyberciti.biz/tips/howto-restrict-unauthorized-zone-transfers-dns-bind.html http://www.cyberciti.biz/tips/howto-restrict-unauthorized-zone-transfers-dns-bind.html/feed 3 http://www.cyberciti.biz/tips/howto-linux-unix-check-dns-file-errors.html http://www.cyberciti.biz/tips/howto-linux-unix-check-dns-file-errors.html#comments Fri, 21 Sep 2007 18:42:35 +0000 nixCraft http://www.cyberciti.biz/tips/check-bind-dns-server-configuration-file-for-errors-with-named-checkconf-tools.html http://www.cyberciti.biz/tips/howto-linux-unix-check-dns-file-errors.html/feed 9 http://www.cyberciti.biz/tips/linux-iptables-12-how-to-block-or-open-dnsbind-service-port-53.html http://www.cyberciti.biz/tips/linux-iptables-12-how-to-block-or-open-dnsbind-service-port-53.html#comments Wed, 13 Jul 2005 22:54:00 +0000 nixCraft http://www.cyberciti.biz/tips/linux-iptables-12-how-to-block-or-open-dnsbind-service-port-53.html http://www.cyberciti.biz/tips/linux-iptables-12-how-to-block-or-open-dnsbind-service-port-53.html/feed 4 http://www.cyberciti.biz/tips/troubleshooting-bind-dns-2.html http://www.cyberciti.biz/tips/troubleshooting-bind-dns-2.html#comments Fri, 19 Nov 2004 20:33:00 +0000 nixCraft http://www.cyberciti.biz/tips/troubleshooting-bind-dns-2.html http://www.cyberciti.biz/tips/troubleshooting-bind-dns-2.html/feed 12