Re: nscd and DNS cache
by JD
On 05/18/2012 12:37 AM, Ed Greshko wrote:
> On 05/18/2012 03:22 PM, JD wrote:
>> So, what's to prevent someone from simply modifying dnsmasq
>> (or any other open source caching name resolver) to change
>> the expiration time to a value greater than what the owner
>> of the domain wants? Sure it may result in using stale
>> ip addresses once in a while. I think that's more tolerable than
>> having to wait anywhere from 10 to 30 seconds to resolve every
>> new name browsed to; (new relative to contents of the cache).
> Nothing "stops" anyone from doing that....except they'd be mucking with the DNS
> system in ways unintended/unexpected. I personally wouldn't use that software.
>
> If you need to wait that long for address resolution then you've either got a *very*
> slow network, your link is saturated, or the DNS server you're contacting is a poor
> performer.
>
> I had an ISP here in Taiwan that required you to use their DNS servers. They blocked
> port 53 outbound from their network. Their DNS servers would get overloaded from
> time to time...but even then I rarely waited for more than a second or two.
>
> Some people prefer to set their resolv.conf to point to 8.8.8.8 and 8.8.4.4 which are
> 2 of google's public nameservers that are very fast.
>
I am indeed pointing my resolv.conf to the 2 google
nameservers.
You're probably right about our home network.
I think the router has a very low bandwidth (hardware wise),
probably because it doubles up as the decoder for the TV
contents being viewed on 2 to 3 different TV's in the house.
TV signals come directly to the router on the coax, and then
are sent back on the coax to the 3 TV sets.
We're stuck with what we have.
12 years
Re: Blocked site -
by Frank Cox
On Sat, 20 Oct 2012 10:30:00 -0400
Bob Goodwin - Zuni, Virginia, USA wrote:
> If nothing else this has been a learning experience.
You could set up dnsmasq, which will cache your dns queries, saving a small
amount of bandwidth but more importantly speeding things up some.
--
MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
www.creekfm.com - FIFTY THOUSAND WATTS of POW WOW POWER!
11 years, 7 months
Re: Blocked site -
by Frank Cox
On Sat, 20 Oct 2012 13:22:19 -0400
Bob Goodwin - Zuni, Virginia, USA wrote:
> I'm already confused. If I don't want it listening on the internet and
> our LAN [eth0] on this computer where do I tell it to go?
# If you want dnsmasq to provide only DNS service on an interface,
# configure it as shown above, and then use the following line to
# disable DHCP on it.
no-dhcp-interface=eth0
--
MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
www.creekfm.com - FIFTY THOUSAND WATTS of POW WOW POWER!
11 years, 7 months
Re: Has my fedora 18 installation been hacked?
by Georgios Petasis
On 15/3/2013 11:57 AM, Ed Greshko wrote:
> On 03/15/13 17:46, Ed Greshko wrote:
>> Is the destination IP address a single IP address or are there others.
>>
>> Is your system running a DNS server? If you are running one, is it supposed to be servicing requests from the Internet? If it is supposed to be taking requests from the Internet, have you made sure to configure such that recursion is disabled.
> Never mind....
>
> In re-reading the original message I see the "source port" is 35442. I'm pretty sure recursion from a DNS server would show 53 as the source port.
>
>
I have used nslookup with the local machine as server, and I was not
able to resolve anything.
Also, the dnsmasq configuration is empty. I think I am not running a dns
server...
Thanks,
George
11 years, 3 months
Re: Has my fedora 18 installation been hacked?
by Mateusz Marzantowicz
On 15.03.2013 11:09, Georgios Petasis wrote:
> On 15/3/2013 11:57 AM, Ed Greshko wrote:
>> On 03/15/13 17:46, Ed Greshko wrote:
>>> Is the destination IP address a single IP address or are there others.
>>>
>>> Is your system running a DNS server? If you are running one, is it
>>> supposed to be servicing requests from the Internet? If it is
>>> supposed to be taking requests from the Internet, have you made sure
>>> to configure such that recursion is disabled.
>> Never mind....
>>
>> In re-reading the original message I see the "source port" is 35442.
>> I'm pretty sure recursion from a DNS server would show 53 as the
>> source port.
>>
>>
> I have used nslookup with the local machine as server, and I was not
> able to resolve anything.
> Also, the dnsmasq configuration is empty. I think I am not running a
> dns server...
>
> Thanks,
>
> George
Sorry, but can't you just type netstat -aptul as root to see what
connections are active?
Status of services can be checked using systemctl tool: systemctl status
named.service
Mateusz Marzantowicz
11 years, 3 months
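Added example (not part of the original messages): one way to answer "is this machine running a DNS server, and on which addresses?" by reading the kernel socket tables in /proc/net directly, the same data netstat reports. The sample table is constructed, the function names are hypothetical, and only IPv4 on a little-endian host is handled.

```python
import ipaddress
import struct

# Constructed sample in the layout of /proc/net/udp (not taken from the thread).
# 0x0035 is port 53; 0x8A72 is 35442, the source port mentioned in the thread.
SAMPLE_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
  10: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 1111
  11: 00000000:8A72 00000000:0000 07 00000000:00000000 00:00000000 00000000  1000        0 2222
  12: 00000000:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000    99        0 3333
"""

TCP_LISTEN = "0A"  # state code for a listening TCP socket


def parse_sockets(table):
    """Yield (ip, port, state) for each IPv4 row of a /proc/net/{udp,tcp} table."""
    for line in table.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 4:
            continue
        addr_hex, port_hex = fields[1].split(":")
        # Assumption: little-endian host (x86), where the kernel prints the
        # address bytes reversed, so 0100007F is 127.0.0.1.
        ip = ipaddress.IPv4Address(struct.pack("<I", int(addr_hex, 16)))
        yield ip, int(port_hex, 16), fields[3]


def dns_exposure(table, proto):
    """Return (proto, address, scope) for every socket bound to port 53."""
    findings = []
    for ip, port, state in parse_sockets(table):
        if port != 53 or (proto == "tcp" and state != TCP_LISTEN):
            continue
        if ip.is_loopback:
            scope = "loopback only"
        elif ip.is_unspecified:
            scope = "all interfaces"
        else:
            scope = "single address"
        findings.append((proto, str(ip), scope))
    return findings


if __name__ == "__main__":
    for proto in ("udp", "tcp"):
        with open(f"/proc/net/{proto}") as fh:
            for finding in dns_exposure(fh.read(), proto):
                print(*finding)
```

A socket reported as "all interfaces" on port 53 is the case where the recursion question matters; a socket on an ephemeral port such as 35442 is a client, not a server. On a host suspected of compromise a kernel-level rootkit can hide entries from /proc as well, so an empty result there is not proof.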
Re: Has my fedora 18 installation been hacked?
by Reindl Harald
On 15.03.2013 14:03, Mateusz Marzantowicz wrote:
> On 15.03.2013 11:09, Georgios Petasis wrote:
>> On 15/3/2013 11:57 AM, Ed Greshko wrote:
>>> On 03/15/13 17:46, Ed Greshko wrote:
>>>> Is the destination IP address a single IP address or are there others.
>>>>
>>>> Is your system running a DNS server? If you are running one, is it supposed to be servicing requests from the
>>>> Internet? If it is supposed to be taking requests from the Internet, have you made sure to configure such that
>>>> recursion is disabled.
>>> Never mind....
>>>
>>> In re-reading the original message I see the "source port" is 35442. I'm pretty sure recursion from a DNS
>>> server would show 53 as the source port.
>>>
>>>
>> I have used nslookup with the local machine as server, and I was not able to resolve anything.
>> Also, the dnsmasq configuration is empty. I think I am not running a dns server...
>>
> Sorry, but can't you just type netstat -aptul as root to see what connections are active?
> Status of services can be checked using systemctl tool: systemctl status named.service
you can - but after an intrusion you can not trust any output of system-tools
because you are not in the position to say 100% if the first intrusion
did not use a local root-exploit after its first run and modified your
system in a way making it hard to detect rootkits
11 years, 3 months
Firewall and DNS caching without NetworkManager
by আনন্দ কুমার সমাদ্দার Ananda Samaddar
Hello all,
I've just installed Fedora 18 X86-64. I disabled and uninstalled
networkmanager and use the standard networking stuff which seems to
use dhclient. I'm using a standard ethernet connection.
So I need to do two things. Feel free to tell me to RTFM if you can
provide a link!
1. How do I enable pre-pending of nameservers? I want to use dnsmasq
to cache DNS requests so I need to add 127.0.0.1 to the top of
resolv.conf. Google searches take me to the Arch Wiki. I can't seem to
find a dhclient.conf file anywhere in /etc.
2. How do I assign a zone in firewalld to my connection? I want to be
able to open ports for bittorrent and XMPP jingle voice/video. The
firewalld wiki on the Fedora site doesn't seem to be able to answer my
question.
thanks in advance,
Ananda Samaddar
11 years
Re: Firewall and DNS caching without NetworkManager
by Mikkel L. Ellertson
On 05/18/2013 08:41 AM, আনন্দ কুমার সমাদ্দার Ananda Samaddar wrote:
> Hello all,
>
> I've just installed Fedora 18 X86-64. I disabled and uninstalled
> networkmanager and use the standard networking stuff which seems to
> use dhclient. I'm using a standard ethernet connection.
>
> So I need to do two things. Feel free to tell me to RTFM if you can
> provide a link!
>
> 1. How do I enable pre-pending of nameservers? I want to use dnsmasq
> to cache DNS requests so I need to add 127.0.0.1 to the top of
> resolv.conf. Google searches take me to the Arch Wiki. I can't seem to
> find a dhclient.conf file anywhere in /etc.
>
> 2. How do I assign a zone in firewalld to my connection? I want to be
> able to open ports for bittorrent and XMPP jingle voice/video. The
> firewalld wiki on the Fedora site doesn't seem to be able to answer my
> question.
>
> thanks in advance,
>
> Ananda Samaddar
You may want to read /usr/share/doc/initscripts-9.42.2/sysconfig.txt
- search for PEERDNS.
Mikkel
--
Do not meddle in the affairs of dragons, for thou art crunchy and
taste good with Ketchup!
11 years
Re: Firewall and DNS caching without NetworkManager
by আনন্দ কুমার সমাদ্দার Ananda Samaddar
On Sat, 18 May 2013 08:58:41 -0500
"Mikkel L. Ellertson" <mellertson(a)gmail.com> wrote:
> On 05/18/2013 08:41 AM, আনন্দ কুমার সমাদ্দার Ananda Samaddar wrote:
> > Hello all,
> >
> > I've just installed Fedora 18 X86-64. I disabled and uninstalled
> > networkmanager and use the standard networking stuff which seems to
> > use dhclient. I'm using a standard ethernet connection.
> >
> > So I need to do two things. Feel free to tell me to RTFM if you can
> > provide a link!
> >
> > 1. How do I enable pre-pending of nameservers? I want to use
> > dnsmasq to cache DNS requests so I need to add 127.0.0.1 to the top
> > of resolv.conf. Google searches take me to the Arch Wiki. I can't
> > seem to find a dhclient.conf file anywhere in /etc.
> >
> > 2. How do I assign a zone in firewalld to my connection? I want
> > to be able to open ports for bittorrent and XMPP jingle
> > voice/video. The firewalld wiki on the Fedora site doesn't seem to
> > be able to answer my question.
> >
> > thanks in advance,
> >
> > Ananda Samaddar
> You may want to read /usr/share/doc/initscripts-9.42.2/sysconfig.txt
> - search for PEERDNS.
>
> Mikkel
>
Thanks Mikkel but I don't think this works. In the ifcfg settings if
you specify a DNS server then the network is assumed to have static
DNS. So if I put DNS1=127.0.0.1 in the ifcfg-em1 file all I get in
resolv.conf is that nameserver and not the one supplied by my router
underneath.
Ananda
11 years
Re: Weird network problem
by Mikkel L. Ellertson
On 05/25/2013 08:00 PM, Phil Dobbin wrote:
> Hi, all.
>
> I've got several machines on a LAN behind a NAT with DHCP assigning
> always the same addresses from a dynamic IP.
>
> A couple of days ago the IP changed & since then, one of the machines
> running Fedora 17 always fails first time to connect to the network:
> launch Thunderbird, no start screen, first attempt to check mail, it
> tells me that there's no network connection, second attempt it connects.
>
> The scheduled DejaDup backup always fails with no network but will run
> manually no problem. Firefox can't find Google but the Nagios
> web interface is fine as is all the cli stuff (ping, ssh, etc).
>
> Most annoyingly, yum update goes through every mirror before partially
> downloading part of the updates & if the updates are large, it takes
> about three attempts to get them all installed.
>
> I'd like to clear this up naturally especially as in the next couple of
> weeks I'll be upgrading this box to Fedora 18 & the last thing I need is
> a dodgy network connection.
>
> All the machines below are on the same LAN & they all work fine after
> the IP address change, it's only the Fedora box that's causing problems.
>
> Any help appreciated. I'm stuck.
>
> Cheers,
>
> Phil...
>
Check your name server settings. Does /etc/resolv.conf have a name
server that is from the old IP address? Do you have one machine on the
network that runs a caching name server and the rest of the Fedora
machines are looking for it at the old address? Or are you running
something like dnsmasq on the machines, and have the old IP address
in the config file?
Mikkel
--
Do not meddle in the affairs of dragons, for thou art crunchy and
taste good with Ketchup!
11 years