opm.blitzed.org

Mark Andrews Mark_Andrews at isc.org
Sun Jul 13 23:22:15 UTC 2008 

> 
> http://wiki.blitzed.org/OPM_status
> 
> As a workaround you can make your nameserver authoritative for 
> opm.blitzed.org with empty zone file (only SOA record). Better to ask ISC
> guys what do they suggest in this situation.

	It would be SOA and NS record as that is the minimum requirements
	for a zone. 

	You know where the queries are coming from (client A.B.C.D#58730).
	Reconfigure that machine.
 
	Mark

> On 11.07.2008 / 18:01:06 -0300, Jorge Polinotto wrote:
> > Hi all!
> > 
> > I've looking this query in our nameservers:
> > 
> > 11-Jul-2008 16:14:13.515 queries: info: client A.B.C.D#58730: query:
> > 144.5.70.200.opm.blitzed.org IN A +E
> > 11-Jul-2008 16:14:13.516 queries: info: client A.B.C.D#54230: query:
> > 120.206.142.68.opm.blitzed.org IN A +E
> > 
> > I read that this DNSBL is shut down. But... what's going on?
> > 
> > ----------------------------------------------------
> > $ dig 144.5.70.200.opm.blitzed.org A +trace
> > 
> > ; <<>> DiG 9.4.2-P1 <<>> 144.5.70.200.opm.blitzed.org A +trace
> > ;; global options:  printcmd
> > 
> > ...
> > ...
> 
> > opm.blitzed.org.        86400   IN      NS      opm-is-no-more.blitzed.org.
> > ;; Received 91 bytes from 84.234.24.90#53(sou.nameserver.net) in 225 ms
> > 
> > 200.opm.blitzed.org.    604800  IN      NS     
> > please.do.not.query.opm.blitzed.org.
> > ;; Received 96 bytes from 78.47.198.182#53(opm-is-no-more.blitzed.org) in
> > 245 ms
> > 
> > ;; connection timed out; no servers could be reached
> > 
> > ------------------------------------------------------
> > $ dig please.do.not.query.opm.blitzed.org A
> > 
> > ; <<>> DiG 9.4.2-P1 <<>> please.do.not.query.opm.blitzed.org A
> > ;; global options:  printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50084
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
> > 
> > ;; QUESTION SECTION:
> > ;please.do.not.query.opm.blitzed.org. IN        A
> > 
> > ;; ANSWER SECTION:
> > please.do.not.query.opm.blitzed.org. 580965 IN A 192.0.2.1
> > ----------------------------------------------------------
> > So the nameservers are trying to reach to 192.0.2.1
> > 
> > >From RFC 3330:
> > 
> > 192.0.2.0/24 - This block is assigned as "TEST-NET" for use in
> > documentation and example code.  It is often used in conjunction with
> > domain names example.com or example.net in vendor and protocol
> > documentation. Addresses within this block should not appear on the public
> > Internet.
> > 
> > Do I have to modify my named.conf? Can we do anything to change this type
> > of RR's? What did you do with these type of problems?
> > 
> > Thanks in advance.
> 
> -- 
> Anatoly Pugachev
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list