Let’s say we want to add reverse DNS delegation for the IP block 123.234.12.0/24 The first step of the configuration is on the nameserver, BIND on our case. Create the relevant reverse DNS file on /var/named/rev and then edit the file: cd /var/named/rev touch 123.234.12 vim 123.234.12 The file contents should be like the following: […]
Everything started with a few queries of isc.org thrugh open DNS servers located at our data center. Searching through the net we found that we are not the victims but a part of uncomprimised sources of a huge DDoS attack. A 60 byte query will turn into 50 times larger data directed to victims IP […]
If you own your DNS servers, you should probably want to close recursive queries being gathered from your servers. In named.conf edit the options directive and add: options { allow-transfer {Secondary Server IP; }; allow-recursion { 127.0.0.1; A.B.C/24; }; }; In secondary server: add to options: allow-transfer { none; }; allow-recursion { 127.0.0.1; A.B.C/24; };