[Bind-users] Limited visibility
Remko Lodder
remko at elvandar.org
Wed Jan 28 20:55:51 UTC 2004
this can be because they might restrict looking up zones they don't host,
i do that myself as well.
my attempts below:
elvandar# dig www.w-sys.co.uk
; <<>> DiG 9.2.2 <<>> www.w-sys.co.uk
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27330
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;www.w-sys.co.uk. IN A
;; ANSWER SECTION:
www.w-sys.co.uk. 10 IN CNAME mail.w-sys.co.uk.
mail.w-sys.co.uk. 5777 IN A 82.68.177.92
;; AUTHORITY SECTION:
w-sys.co.uk. 4858 IN NS dns.w-sys.co.uk.
w-sys.co.uk. 4858 IN NS mail.w-sys.co.uk.
;; Query time: 57 msec
;; SERVER: 10.0.2.121#53(10.0.2.121)
;; WHEN: Wed Jan 28 21:53:37 2004
;; MSG SIZE rcvd: 100
elvandar# nslookup www.w-sys.co.uk dns.w-sys.co.uk
Server: dns.w-sys.co.uk
Address: 82.68.177.91#53
www.w-sys.co.uk canonical name = mail.w-sys.co.uk.
Name: mail.w-sys.co.uk
Address: 82.68.177.92
elvandar# nslookup www.w-sys.co.uk mail.w-sys.co.uk
Server: mail.w-sys.co.uk
Address: 82.68.177.92#53
www.w-sys.co.uk canonical name = mail.w-sys.co.uk.
Name: mail.w-sys.co.uk
Address: 82.68.177.92
--
Kind regards,
Remko Lodder
Elvandar.org/DSINet.org
www.mostly-harmless.nl Dutch community for helping newcomers on the
hackerscene
-----Oorspronkelijk bericht-----
Van: Geoff Austin [mailto:geoff at w-sys.co.uk]
Verzonden: woensdag 28 januari 2004 21:51
Aan: Remko Lodder
CC: comp-protocols-dns-bind at isc.org
Onderwerp: RE: [Bind-users] Limited visibility
Thanks Remko ;)
So the answer is:
There are no queries logged and no packets in
when I use "dig @ns1.bt.net www.w-sys.co.uk".
Since I am running the query from my domain, I do see a lookup of
ns1.bt.net, but that comes from me rather than bt.
I get the following output from dig:
[gaustin at lwks gaustin]$ dig @ns1.bt.net www.w-sys.co.uk
; <<>> DiG 9.2.2-P3 <<>> @ns1.bt.net www.w-sys.co.uk
;; global options: printcmd
;; connection timed out; no servers could be reached
Looks like it cannot find the name server...
On Wed, 2004-01-28 at 19:30, Remko Lodder wrote:
> *sigh* you are not an idiot, i praise you
> since you DARE to ask something you dont
> understand, thats good, dont feel like an idiot
> ok ;)
>
> you can use tcpdump -n -i $iface dst port 53
> for hardcore dumping packages (perhaps use -X as well)
>
> or you can add this to your named.conf
>
> category queries { "default_syslog"; };
> in the section logging
> this works for bind9
>
> if you use bind8 you can also use ndc querylog on
> to get the same
>
> cheers
>
>
>
> --
>
> Kind regards,
>
> Remko Lodder
> Elvandar.org/DSINet.org
> www.mostly-harmless.nl Dutch community for helping newcomers on the
> hackerscene
>
More information about the bind-users
mailing list