nslookup Unix to windows problem
Kevin Darcy
kcd at daimlerchrysler.com
Tue Nov 20 01:35:33 UTC 2001
Your nameserver is vulnerable to root exploit. Upgrade immediately. See
http://www.isc.org/products/BIND/bind-security.html

What do you mean by "address 10.0.2.10/24" and "address 10.0.4.15/24"?
Prefix notation denotes networks/subnetworks, not addresses (arguably a /32
prefix amounts to the same thing in IPv4, but a /24 prefix does not).

Also, is this Win2K server hardcoded to use this BIND nameserver
*exclusively* for name resolution? If not, then I'm not surprised it can't
find names in the "zzzz" domain, since that is not a valid TLD (top-level
domain). Similarly, since you haven't delegated anything below "zzzz", then
the Win2K nameserver would likely have trouble finding those subzones
too...

- Kevin

silveraud wrote:
> I have been trying to set up Bind 8.2.2p7 on central.zzzz, with address
> 10.0.2.10/24 and have been unable to do an nslookup on a windows 2000
> server, windserv.zzzz with an address of 10.0.4.15/24. Can anybody help
> correct the configuration(s) below (db.cache was excluded)? Also, do I
> need to configure anything unusual on my windows server to prevent
> "unapproved update" in my syslog?
>
> Thanks for your assistance in advance.
>
> Contents of named.conf:
>
> options {
>     directory "/usr/local/etc";
> };
>
> controls {
>     unix "/etc/ndc" perm 0600 owner 0 group 0;
> };
>
> zone "0.0.127.IN-ADDR.ARPA" in {
>     type master;
>     file "db.127.0.0";
>     notify no;
> };
>
> zone "windserv.zzzz" in {
>     type master;
>     file "db.windserv.zzzz";
>     check-names ignore;
>     allow-update {localnets;};
> };
>
> zone "zzzz" in {
>     type master;
>     file "db.zzzz";
> };
>
> zone "2.0.10.IN-ADDR.ARPA" in {
>     type master;
>     file "db.10.0.2";
>     check-names ignore;
>     allow-update {localnets;};
> };
>
> zone "4.0.10.IN-ADDR.ARPA" in {
>     type master;
>     file "db.10.0.4";
> };
>
> zone "_msdcs.windserv.zzzz" {
>     type master;
>     file "db._msdcs.windserv.zzzz";
>     check-names ignore;
>     allow-update {localnets;};
> };
>
> zone "_sites.windserv.zzzz" {
>     type master;
>     file "db._sites.windserv.zzzz";
>     check-names ignore;
>     allow-update {localnets;};
> };
>
> zone "_tcp.windserv.zzzz" {
>     type master;
>     file "db._tcp.windserv.zzzz";
>     check-names ignore;
>     allow-update {localnets;};
> };
>
> zone "_udp.windserv.zzzz" {
>     type master;
>     file "db._udp.windserv.zzzz";
>     check-names ignore;
>     allow-update {localnets;};
> };
>
> zone "." in {
>     type hint;
>     file "db.cache";
> };
>
> Contents of db.zzzz:
>
> $TTL 86400
> @ IN SOA central.zzzz. root.central.zzzz. ( 1 10800 3600 604800 86400 )
>
> IN NS central.zzzz.
>
> localhost IN A 127.0.0.1
> central IN A 10.0.2.10
> central IN MX 10 central.zzzz.
>
> Contents of db.windserv.zzzz:
>
> $TTL 86400
> windserv.zzzz. IN SOA central.zzzz. root.central.zzzz. ( 1 10800 3600
> 604800 86400 )
> IN NS central.zzzz.
>
> windserv.zzzz IN A 10.0.4.15
> windserv.zzzz IN MX 10 windserv.zzzz.
>
> Contents of db._msdcs.windserv.zzzz, db._sites.windserv.zzzz,
> db._tcp.windserv.zzzz, db._udp.windserv.zzzz:
>
> $TTL 86400
> @ IN SOA central.zzzz. root.central.zzzz. ( 1 10800 3600 604800 86400 )
>
> IN NS central.zzzz.
>
> Contents of db.127.0.0:
>
> $TTL 86400
> @ IN SOA central.zzzz. root.central.zzzz. ( 1 10800 3600 604800 86400 )
>
> IN NS central.zzzz.
>
> 0.0.127.IN-ADDR.ARPA. IN NS central.zzzz.
> 1.0.0.127.IN-ADDR.ARPA. IN PTR localhost.
>
> Contents of db.10.0.2
>
> $TTL 86400
> @ IN SOA central.zzzz. root.central.zzzz. ( 2 10800 3600 604800 86400 )
>
> IN NS central.zzzz.
>
> 10.2.0.10.IN-ADDR.ARPA. IN PTR central.zzzz.
>
> Contents of db.10.0.4:
>
> $TTL 86400
> @ IN SOA central.zzzz. root.central.zzzz. ( 2 10800 3600 604800 86400 )
>
> IN NS central.zzzz.
>
> 15.4.0.10.IN-ADDR.ARPA. IN PTR windserv.zzzz.
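
Added example, not part of the original thread or of BIND: a small Python check that evaluates, for a given client address, which of the quoted zones' `allow-update` lists would accept a dynamic update, which bears on both the prefix-notation point in the reply and the "unapproved update" syslog entries in the question. It assumes that central has only the one interface 10.0.2.10/24, that `localnets` matches the networks attached to the server's interfaces, and that a zone without `allow-update` refuses updates; the host 10.0.2.77 is constructed.

```python
import ipaddress
import re

# Constructed excerpt: four zone statements from the quoted named.conf
# (check-names omitted), one per line.
NAMED_CONF = '''
zone "windserv.zzzz" in { type master; file "db.windserv.zzzz"; allow-update {localnets;}; };
zone "zzzz" in { type master; file "db.zzzz"; };
zone "2.0.10.IN-ADDR.ARPA" in { type master; file "db.10.0.2"; allow-update {localnets;}; };
zone "4.0.10.IN-ADDR.ARPA" in { type master; file "db.10.0.4"; };
'''

# Assumption: central has a single interface, the 10.0.2.10/24 given in the post.
SERVER_INTERFACES = ["10.0.2.10/24"]

ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{(.*?)\}\s*;\s*(?=zone\b|\Z)', re.S)
ACL_RE = re.compile(r'allow-update\s*\{([^}]*)\}')


def acl_element_matches(element, client, interfaces):
    """Match one address-match-list element. Handles the built-in names and
    plain addresses/prefixes only (no negation, named acls or keys)."""
    ifaces = [ipaddress.ip_interface(i) for i in interfaces]
    if element == "any":
        return True
    if element == "none":
        return False
    if element == "localhost":
        return client in [i.ip for i in ifaces]
    if element == "localnets":
        # Networks the server is attached to: 10.0.2.10/24 -> 10.0.2.0/24
        return any(client in i.network for i in ifaces)
    return client in ipaddress.ip_network(element, strict=False)


def update_decisions(conf, client_ip, interfaces=SERVER_INTERFACES):
    """Return {zone: True/False}: would allow-update accept this client?"""
    client = ipaddress.ip_address(client_ip)
    decisions = {}
    for zone, body in ZONE_RE.findall(conf):
        acl = ACL_RE.search(body)
        # No allow-update statement means dynamic updates are refused.
        elements = [e.strip() for e in acl.group(1).split(";") if e.strip()] if acl else []
        decisions[zone.lower()] = any(
            acl_element_matches(e, client, interfaces) for e in elements)
    return decisions


if __name__ == "__main__":
    for ip in ("10.0.4.15", "10.0.2.77"):  # windserv, and a constructed host on central's subnet
        print(ip, update_decisions(NAMED_CONF, ip))
```

Under these assumptions 10.0.4.15 lies outside 10.0.2.0/24, so no quoted zone would accept an update from it.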