Domain non-existent / flooding attack
John Tan
d_name at hotmail.com
Fri Aug 13 01:58:15 UTC 1999
Thanks to all who answered my question. I really appreciate it.
But Mark, I find it hard to believe that luck has something to do with it.
After all, the reasoning is that if I had not increased the gov.sg zone s/no
then none of the other DNSes would have reason to do another zone transfer.
Unless you are saying that previously I updated the gov.sg zone and also
some time later I updated the sgnews zone s./no but all the other ISPs
picked it up and except for pridns.ncs.com.sg which was slow in doing so ?
Then when it did pick it up, the sgnews was already added ? I certainly hope
that this is the reason....
BTW, Mark I understand that there has been concern over a flooding attack on
DNS servers via udp port 53. Is there a fix yet for this ?
thanks for your help.
>From: marka at isc.org
>To: "John Tan" <d_name at hotmail.com>
>CC: bind-users at isc.org, phil46 at pacific.net.sg
>Subject: Re: Domain non-existent
>Date: Fri, 13 Aug 1999 07:32:44 +1000
>
> > Thanks again Mark. Your very helpful. But one question though :
> > If that were the case, then why is pridns.ncs.com.sg able to
>successfully
> > query my DNS for the info while the others were not ?
>
> Luck. There are 8 servers for gov.sg, 2 of which known the zone
> exists. Once you learn about the zone you have to wait for the
> NS records to expire before you have to look it up again.
>
> Mark
> >
> >
> > >From: marka at isc.org
> > >To: "John Tan" <d_name at hotmail.com>
> > >CC: bind-users at isc.org, phil46 at pacific.net.sg
> > >Subject: Re: Domain non-existent
> > >Date: Thu, 12 Aug 1999 22:42:38 +1000
> > >
> > > The problem is that the parent domain (gov.sg) has not been
> > > updated. While both pridns.gov.sg and secdns.gov.sg know about
> > > sgnews.gov.sg as they are also servers for sgnews.gov.sg the
> > > rest of the servers for gov.sg do not and hence the NXDOMAINs.
> > >
> > > The zone gov.sg zone needs to be updated and pushed to the
> > > secondaries.
> > >
> > > Mark
> > > >
> > > > Hi all
> > > >
> > > > I have a problem. From the dns server pridns.gov.sg, I am able to
>query
> > > > sgnews.gov.sg domain. from pridns.ncs.com.sg it is also ok.
> > > > but from other dns servers eg. pridns.cyberway.com.sg it does not
>work.
> > >The
> > > > ttl is 6 hours and I have already incremented the serial no.
> > > > and it is long after 6 hours. Am I paranoid or should I wait longer
>?
> > > > Previosuly I had already incremented the s/no but just did it again
> > >today..
> > > > MY DNS logs show no errors on both primary and sec.
> > > >
> > > > below is the output :
> > > >
> > > > >sgnews.gov.sg.
> > > > Server: pridns.cyberway.com.sg
> > > > Address: 203.116.1.78
> > > >
> > > > *** pridns.cyberway.com.sg can't find sgnews.gov.sg.:Non-existent
> > > > host/domain
> > > > >server pridns.ncs.com.sg.
> > > > Default Server: pridns.ncs.com.sg
> > > > Address: 203.116.16.16
> > > >
> > > > >sgnews.gov.sg.
> > > > Server: pridns.ncs.com.sg
> > > > Address: 203.116.16.16
> > > >
> > > > Non-authoritative answer:
> > > > sgnews.gov.sg
> > > > origin = pridns.gov.sg
> > > > mail address = root.pridns.gov.sg
> > > > serial = 1999081201
> > > > refresh = 14400 (4H)
> > > > retry = 7200 (2H)
> > > > expire = 604800 (1W)
> > > > minimum ttl = 21600 (6H)
> > > > sgnews.gov.sg nameserver = pridns.gov.sg
> > > > sgnews.gov.sg nameserver = secdns.gov.sg
> > > > sgnews.gov.sg preference = 10, mail exchanger = hydra.gov.sg
> > > > sgnews.gov.sg preference = 20, mail exchanger =
>medusa.internet.gov.sg
> > > >
> > > > Authoritative answers can be found from:
> > > > sgnews.gov.sg nameserver = pridns.gov.sg
> > > > sgnews.gov.sg nameserver = secdns.gov.sg
> > > > pridns.gov.sg internet address = 160.96.179.4
> > > > secdns.gov.sg internet address = 160.96.128.4
> > > > hydra.gov.sg internet address = 160.96.179.6
> > > > medusa.internet.gov.sg internet address = 160.96.179.7
> > > > >
> > > >
> > > >
> > > > ______________________________________________________
> > > > Get Your Private, Free Email at http://www.hotmail.com
> > > >
> > > >
> > >--
> > >Mark Andrews, Internet Software Consortium
> > >1 Seymour St., Dundas Valley, NSW 2117, Australia
> > >PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
> >
> >
> > ______________________________________________________
> > Get Your Private, Free Email at http://www.hotmail.com
> >
>--
>Mark Andrews, Internet Software Consortium
>1 Seymour St., Dundas Valley, NSW 2117, Australia
>PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
More information about the bind-users
mailing list