Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Home Questions Tags Users Unanswered Windows 2016 DNS server returns SERVFAIL for non-existing doma
Special Forums Windows & DOS: Issues & Discussions Home Questions Tags Users Unanswered Windows 2016 DNS server returns SERVFAIL for non-existing doma Post 303043665 by broy32000 on Monday 3rd of February 2020 09:59:52 AM
Old 02-03-2020
Just asking for another help, if you can. I was analysing my DNS traffic using tcpdump (not verbose mode) in a AIX client. I found that a lot of repeat of transaction IDs over matter of hours. Is it expected?

Code:
22:39:52.301965 IP 192.168.1.119.56880 > 192.168.1.126.53: 49968+ A? shavar.services.mozilla.com. (45)

Last edited by vbe; 02-04-2020 at 04:29 AM.. Reason: code tags
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

ftp server on old home computer - a few questions

Hi! Very new to unix stuff, and this is my first post to the forum. I'm pretty sure I know enough to know I know nothing, so please be patient with me and don't laugh too hard. Ok, I've got an old computer and a laptop - the old computer was bought in the mid 90's it's still running windows... (1 Reply)
Discussion started by: boredbody
1 Replies

2. Windows & DOS: Issues & Discussions

Install Windows 2003 R2 on existing Windows 2008

Hi, I am trying to install WIndows 2003 R2 Server on existing Windows 2008 server. When I run the 2003 cd it says no disk found. What can be the problem. (2 Replies)
Discussion started by: gunnervarma
2 Replies

3. UNIX for Dummies Questions & Answers

dlsym() returns 0 for an existing function

Sometimes I observe this in gdb: (gdb) br my_function Breakpoint .. at 0x...: file ..., line ... i.e., "my_function" does exist in the current executable. however, dlsym does not find it: (gdb) p dlsym(0,"my_function") $6 = 0 This is a C program; dlsym does find other defined functions and... (2 Replies)
Discussion started by: sds
2 Replies

4. UNIX for Advanced & Expert Users

DNS server choice: Windows DNS vs Linux BIND

I'd like to get some opnions on choosing DNS server: Windows DNS vs Linux BIND comparrsion: 1) managment, easy of use 2) Security 3) features 4) peformance 5) ?? I personally prefer Windows DNS server for management, it supports GUI and command line. But I am not sure about security... (2 Replies)
Discussion started by: honglus
2 Replies

5. UNIX for Advanced & Expert Users

Yahoo Interview unanswered questions

Hi guys, please help me get the answers of these questions which I faced in an interview @ Yahoo 1. I want to " ls " few million files, certainly I cannot do so because ls has some restriction in KBs, how can I do it alternatively. 2. Change the system in such a way that while booting up,... (2 Replies)
Discussion started by: gauravsharma29
2 Replies

6. IP Networking

DNS: Dig returns different responses...

Hey everyone, Okay, so I've been having some fun with the dig command, and wanted to dig my old school. Two questions came up from this. So I: dig @8.8.8.8 +recurse njcu.edu ANY and the result is about 8 records, including the SOA record. One of them is this weird TXT record, and the other is... (1 Reply)
Discussion started by: Lost in Cyberia
1 Replies

7. Hardware

Stack Overflow Questions Tags Users Badges Unanswered Ask Question Ask for the explanation of types

I have read a document which tells me the following 4 things are done by the RAM embedded on disk driver controller. But I don't know what's difference between buffer and cache. Thanks! RAM on disk drive controllers 1 firmware 2 speed matching buffer 3 prefetching buffer 4 cache (1 Reply)
Discussion started by: 915086731
1 Replies

8. Solaris

Tilde prefix returns invalid home directory.

I am trying to find the home directory of users on a UNIX (Solaris/AIX) box using echo ~usernameThis does return the home directory for all valid users. For some reason this command also outputs home directory which are non-existent for few users who seem not to have logon access to that... (31 Replies)
Discussion started by: thinkster
31 Replies

9. Solaris

DNS client added to DNS server but not working

Hi, We have built a new server (RHEL VM)and added that IP/hostname into dns zone configs file on DNS server (Solaris 10). Reloaded the configuration using and added nameserver into resolv.conf on client. But when I am trying nslookup, its not getting resolved. The nameserver is not able to... (8 Replies)
Discussion started by: snchaudhari2
8 Replies

LEARN ABOUT DEBIAN

mxallowd

mxallowd(1)							   User Manuals 						       mxallowd(1)

NAME

       mxallowd - dynamically whitelist your Mail eXchanger

SYNOPSIS

       mxallowd  [-d]  [-c  configfile]  [-t whitelist-time] [-p pflog-interface] [-l pcap-filter] [-F] [-s] [-q] [-p] -f fake-mailserver -r real-
       mailserver -n queue-num

DESCRIPTION

       mxallowd is a daemon which uses libnetfilter_queue (on Linux) or pf and pflog (on BSD) to allow (or deny) connections to a  mailserver  (or
       similar application) if the remote host hasn't connected to a fake daemon before.

       This  is  an improved version of the so-called nolisting (see http://www.nolisting.org/). The assumption is that spammers are not using RFC
       2821-compatible SMTP-clients and are sending fire-and-forget spam (directly to the first or second MX-entry  without  retrying  on  error).
       This direct access is blocked with mxallowd, you'll only get a connection if you retry.

       NOTE:  It  is  highly recommended to install nscd (nameserver caching daemon) or a similar software in order to speed-up DNS lookups. Since
       version 1.3, DNS lookups are done in a thread (so they don't block the main process), however,  on  very-high-traffic-sites,  mxallowd  may
       show significantly better overall performance in combination with nscd.

OPTIONS

       -b, --no-rdns-whitelist
	      Disable whitelisting all IP-addresses that have the same RDNS as the connecting one (necessary for google mail)

       -c, --config
	      Specifies an alternative configuration file (instead of /etc/mxallowd.conf)

       -t, --whitelist-time
	      Specify the amount of time (in seconds) until an IP-address will be removed from the whitelist

       -s, --stdout
	      Log to stdout, not to syslog

       -q, --quiet
	      Don't log anything but errors.

       -f, --fake-mailserver
	      Specify which IP-address the fake mailserver has (connecting to it will whitelist you for the real mailserver)

       -r, --real-mailserver
	      Specify which IP-address the real mailserver has

       -F, --foreground
	      Do not fork into background, stay on console

       -n, --queue-num (only available when compiled for netfilter_queue)
	      Specify  the  queue  number which will be used for the netfilter_queue-link. This has to be the same which is specified in the ipta-
	      bles-rule and it has to be specified, there is no default.

       -p, --pflog-interface (only available when compiled for pf)
	      Specify the pflog(4) interface which you configured in pf(4). The default is pflog0. Also see the pcap-filter-option if you  use	an
	      interface which does not only get smtp-traffic.

       -l, --pcap-filter (only available when compiled for pf)
	      Specify the filter for pcap. The default is "port 25". See tcpdump(8) for more information on the filters.

FILES

       /etc/mxallowd.conf
	      System-wide configuration file. Use the long options without the beginning two dashes. For example:

		   stdout
		   fake-mailserver 192.168.1.3
		   fake-mailserver 192.168.1.4
		   real-mailserver 192.168.1.5
		   queue-num 23

EXAMPLES FOR NETFILTER

       The  machine  has  two  IP-addresses.  The  mailserver  only  listens  on 192.168.1.4, the nameserver returns the mx-records mx1.domain.com
       (192.168.1.3) with priority 5 and mx2.domain.com (192.168.1.4) with priority 10.

       # modprobe nfnetlink_queue
       # iptables -A INPUT -p tcp --dport 25 -m state --state NEW -j NFQUEUE --queue-num 23
       # mxallowd -s -F -f 192.168.1.3 -r 192.168.1.4 -n 23

       Then open a separate terminal and connect via telnet on your real mailserver. You'll see the connection attempt being dropped. Now  connect
       to the fake mailserver and watch mxallowd's output. Afterwards, connect to the real mailserver to verify your mailserver is still working.

EXAMPLES FOR PF

       The  machine  has  two  IP-addresses.  The  mailserver  only  listens  on 192.168.1.4, the nameserver returns the mx-records mx1.domain.com
       (192.168.1.3) with priority 5 and mx2.domain.com (192.168.1.4) with priority 10.

       Create a pf.conf like this:

	    table <mx-white> persist

	    real_mailserver="192.168.1.4"
	    fake_mailserver="192.168.1.3"

	    real_mailserver6="2001:dead:beef::1"
	    fake_mailserver6="2001:dead:beef::2"

	    pass in quick log on fxp0 proto tcp from <mx-white> to $real_mailserver port smtp
	    pass in quick log on fxp0 inet6 proto tcp from <mx-white> to $real_mailserver6 port smtp
	    block in log on fxp0 proto tcp to { $fake_mailserver $real_mailserver } port smtp
	    block in log on fxp0 inet6 proto tcp to { $fake_mailserver6 $real_mailserver6 } port smtp

       Afterwards, load it and start mxallowd using the following commands:

       # pfctl -f /etc/pf.conf
       # mxallowd -s -F -f 192.168.1.3 -r 192.168.1.4

       Then open a separate terminal and connect via telnet on your real mailserver. You'll see the connection attempt being dropped. Now  connect
       to the fake mailserver and watch mxallowd's output. Afterwards, connect to the real mailserver to verify your mailserver is still working.

       The ruleset for pf is actually longer because pf does more than netfilter on linux -- netfilter passes the packets and lets mxallowd decide
       whether to drop/accept whilst pf blocks/passes before even "passing" to mxallowd.

SEE ALSO

       iptables(8), pf(4), pflog(4), tcpdump(8)

AUTHOR

       Michael Stapelberg <michael+mxallowd at stapelberg dot de>

Linux								    MARCH 2012							       mxallowd(1)
All times are GMT -4. The time now is 03:26 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy