[afnog] Big DNS vulnerability (Here is my finds and Quickst Solution 4 those running BIND on Centos or Fedora Linux Distros)...
Stephane Bortzmeyer
bortzmeyer at nic.fr
Sat Jul 26 14:13:40 UTC 2008
On Sat, Jul 26, 2008 at 03:46:22AM -0700,
Yahaya Wara <mywarra at yahoo.com> wrote
a message of 165 lines which said:
> x.x.x.x is the ip address of my ISP DNS server. Why it is not
> returning my dns IP address.
Because it is the IP address of the resolver seen by the dns-oarc.net
authoritative name servers.
You probably have a "forwarder" directive in your BIND configuration,
which forwards the requests to your ISP servers. In some cases, there
is a long chain of such forwarding and dns-oarc.net sees only the last
server.
More information about the afnog
mailing list