need help figuring this MX /A record query problem out *sigh*
Brad Knowles
brad.knowles at skynet.be
Thu May 17 18:44:33 UTC 2001
At 11:57 AM -0500 5/17/01, King, John (Greg) (OAO-HOU) wrote:
> but i just thought of something and need to know if this could in any way
> affect it. The firewall people blocked inbound TCP 53 completely. Only
> allowing 53 UDP in.
That's guaranteed to seriously screw you up, sooner or later. In
your case, it sounds like it screwed you up sooner. Get them to turn
that off, and make sure that you use BIND to secure your nameservers
against zone transfers from unknown servers.
> I know understand the
> earlier comments about running a cacheing and auth server which unconfused
> the confusion on that issue but in our case performance aint a prob and
> running both a cacheing and auth config of BIND has never hurt us before.
Right. And the guy who had a surplus WWII Nazi 75mm howitzer
shell and used it every day as a sword-sharpener never had any
problems, until the day it decided to blow up on him.
Just because you've always done something a particular way and
haven't yet been hurt by it, doesn't mean that the thing you've been
doing isn't dangerous -- it just means that you've been lucky, so far.
--
Brad Knowles, <brad.knowles at skynet.be>
/* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
/* Represented as 1045 digit prime number by Phil Carmody */
/* Prime as DNS cname chain by Roy Arends and Walter Belgers */
/* */
/* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
/* where title-key = "153 2 8 105 225" or other similar 5-byte key */
dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
More information about the bind-users
mailing list