[afnog] Big DNS vulnerability (Here is my finds and Quickst Solution 4 those running BIND on Centos or Fedora Linux Distros)...

Stephane Bortzmeyer bortzmeyer at nic.fr
Sat Jul 26 14:13:40 UTC 2008

On Sat, Jul 26, 2008 at 03:46:22AM -0700,
 Yahaya Wara <mywarra at yahoo.com> wrote 
 a message of 165 lines which said:

> x.x.x.x is the ip address of my ISP DNS server. Why it is not
> returning my dns IP address.

Because it is the IP address of the resolver seen by the dns-oarc.net
authoritative name servers.

You probably have a "forwarder" directive in your BIND configuration,
which forwards the requests to your ISP servers. In some cases, there
is a long chain of such forwarding and dns-oarc.net sees only the last

More information about the afnog mailing list