Am getting errors with my zone files. Any pointers?

Brad Knowles brad.knowles at skynet.be
Fri Jul 13 06:59:49 UTC 2001


At 3:51 AM +0000 7/13/01, Daniel Keith Du Vall wrote:

>  Jul 12 20:06:22 quadlinux named[937]: sysquery: findns error (NXDOMAIN) on
>  ns.quadtrax.net?

	Is quadlinux the same machine as ns.quadtrax.com?  If so, then it 
needs to show up in the DNS as resolving to the same IP address, in 
which case BIND should be able to figure out that this is the same 
machine.

>  Jul 12 20:46:01 quadlinux named[937]: sysquery: findns error (NXDOMAIN) on
>  ns.quadtrax.net?
>
>  I have not yet found anything that lets me know what this is caused from.
>  Should I be concerned by it or is it just something that is?
>  Thanks in advance.

	BTW, your nameserver is running recursively & caching.  This 
makes you vulnerable to cache poisoning attacks, and abusable to 
virtually "host" any domain out there that wants to list you as an 
authoritative server (all they have to do is periodically refresh 
your memory of what that zone looks like).

	Also, your nameserver is not protected against zone transfers. 
This means I can get a complete copy of your zone, which you probably 
don't want to allow people to have:

% dig @ns.quadtrax.net. quadtrax.net. axfr

; <<>> DiG 9.1.2 <<>> @ns.quadtrax.net. quadtrax.net. axfr
;; global options:  printcmd
quadtrax.net.           86400   IN      SOA     ns.quadtrax.net. sysop.quadtrax.com. 2001070901 3600 3600 604800 3600
quadtrax.net.           86400   IN      NS      ns.quadtrax.net.
quadtrax.net.           86400   IN      NS      ns1.granitecanyon.com.
quadtrax.net.           86400   IN      NS      ns2.granitecanyon.com.
quadtrax.net.           86400   IN      MX      10 mail.quadtrax.net.
ftp.quadtrax.net.       86400   IN      A       216.216.115.27
telnet.quadtrax.net.    86400   IN      A       216.216.115.27
mail.quadtrax.net.      86400   IN      A       216.216.115.27
www.quadtrax.net.       86400   IN      A       216.216.115.27
quadtrax.net.           86400   IN      SOA     ns.quadtrax.net. sysop.quadtrax.com. 2001070901 3600 3600 604800 3600
;; Query time: 247 msec
;; SERVER: 216.216.115.27#53(ns.quadtrax.net.)
;; WHEN: Fri Jul 13 02:56:39 2001
;; XFR size: 11 records


	You really should fix both of these security issues.

-- 
Brad Knowles, <brad.knowles at skynet.be>

/*        efdtt.c  Author:  Charles M. Hannum <root at ihack.net>          */
/*       Represented as 1045 digit prime number by Phil Carmody         */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
/*                                                                      */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */

dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
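
Added example, not part of the original post: a named.conf sketch that closes the two issues raised above, open recursion and unrestricted zone transfers. The "before" configuration, the zone file name, the ACL names and every address are placeholder assumptions; the secondaries' real addresses are not given in the post.

```conf
/*
 * BEFORE (assumed, not taken from the post): no access controls, so
 * anyone may recurse through the server and AXFR the zone.
 *
 *   options { directory "/var/named"; };
 *   zone "quadtrax.net" { type master; file "quadtrax.net.zone"; };
 */

// AFTER: placeholder addresses from the documentation ranges.
// Replace with the real addresses of the listed secondary servers.
acl "secondaries" {
    192.0.2.10;
    192.0.2.11;
};

// Hosts allowed to use this server as a recursive resolver (assumed LAN).
acl "trusted-clients" {
    127.0.0.1;
    198.51.100.0/24;
};

options {
    directory "/var/named";

    // Default for every zone: refuse transfers unless a zone overrides it.
    allow-transfer { none; };

    // Recurse and serve cached data only for trusted clients.
    // On an authoritative-only server, use "recursion no;" instead.
    allow-recursion { "trusted-clients"; };
};

zone "quadtrax.net" {
    type master;
    file "quadtrax.net.zone";   // hypothetical file name

    // Only the secondaries may pull a full copy of the zone.
    allow-transfer { "secondaries"; };
};
```

After reloading named, repeating the dig axfr query shown above from a host outside the "secondaries" list should fail instead of returning the zone.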

