the same ip answer about partial another A record via nslookup ??

Pete Ehlke pde at ehlke.net
Thu Aug 30 20:44:25 UTC 2001


Barry Margolin (barmar at genuity.net) said, on [010830 11:37]:
> In article <9mlulj$5e7 at pub3.rc.vix.com>, jenny <mjjung at gngidc.net> wrote:
> >> set q=soa
> >> yesnic.com  (rotis.com is also the following)
> >Server:  [211.239.120.105]
> >Address:  211.239.120.105
> >
> >com
> >        origin = ns1.seoulcity.com
> >        mail addr = twister_glove.twister.com
> >        serial = 2001070101
> >        refresh = 14400 (4H)
> >        retry   = 7200 (2H)
> >        expire  = 604800 (1W)
> >        minimum ttl = 7200 (2H)
> >========================
> >
> >why does our nameserver have an invalid nameserver's information?
> >why does this situation happen?
> 
> Because you're running an old version of BIND that is very trusting of
> records in the Authority Records section of a response.  At some time you

The OP does not seem to be running BIND. More likely it's the Microsoft
DNS 'server' that comes configured by default to be vulnerable to cache
poisoning. (Is there anyone from Microsoft who would like to comment on
why this is the case?)

Here's how to fix it:

http://www.microsoft.com/windows2000/en/server/help/sag_DNS_imp_TuningAdvancedParams.htm

Enable 'secure cache against pollution'.

-Pete
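
Added example, not part of the message above and not code from BIND or Microsoft DNS: a sketch of the bailiwick check that protection against cache pollution generally rests on, where a resolver caches only records whose owner name lies inside the zone the answering server was asked about. It assumes the response came from a server reached for yesnic.com; the record type `RR`, the function names, and the sample addresses are constructed for illustration.

```python
# Added illustration: not code from BIND, Microsoft DNS, or this thread.
from typing import List, NamedTuple, Tuple

class RR(NamedTuple):
    owner: str   # name the record is attached to
    rtype: str
    rdata: str

def labels(name: str) -> List[str]:
    """Lowercased labels of a domain name; the root is an empty list."""
    name = name.rstrip(".").lower()
    return name.split(".") if name else []

def in_bailiwick(owner: str, zone: str) -> bool:
    """True if owner is the zone itself or below it, compared label by label."""
    o, z = labels(owner), labels(zone)
    return len(o) >= len(z) and o[len(o) - len(z):] == z

def split_by_bailiwick(zone: str, records: List[RR]) -> Tuple[List[RR], List[RR]]:
    """Return (cacheable, discarded) for a response from a server for `zone`."""
    keep, drop = [], []
    for rr in records:
        (keep if in_bailiwick(rr.owner, zone) else drop).append(rr)
    return keep, drop

# Constructed response. The SOA mirrors the nslookup output in the thread;
# the addresses are documentation-range placeholders.
RESPONSE = [
    RR("yesnic.com", "A", "192.0.2.10"),
    RR("www.yesnic.com", "A", "192.0.2.11"),
    RR("com", "SOA", "ns1.seoulcity.com"),     # parent zone: out of bailiwick
    RR("notyesnic.com", "A", "192.0.2.66"),    # shares a string suffix only
]

if __name__ == "__main__":
    keep, drop = split_by_bailiwick("yesnic.com", RESPONSE)
    for rr in keep:
        print("cache  ", rr.owner, rr.rtype)
    for rr in drop:
        print("discard", rr.owner, rr.rtype)
```

Comparing whole labels rather than string suffixes is what keeps `notyesnic.com` from being accepted as part of `yesnic.com`.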

