Dns problem

imago · 07-22-2008, 10:25 AM

hi...

Can anyone explain me how to prevent this error on DNS. I've been setup and configuring dns server..

Jul 22 11:22:47 ns1 named[16936]: client 92.114.98.10#58404: query 'wsiph3.com/NS/IN' denied
Jul 22 11:22:47 ns1 named[16936]: client 92.114.98.10#58405: query 'wsiph3.com/MX/IN' denied
Jul 22 11:22:47 ns1 named[16936]: client 92.114.98.10#58406: query 'wsiph3.com/SOA/IN' denied
Jul 22 11:22:47 ns1 named[16936]: client 92.114.98.10#58408: query (cache) 'adobe.com/A/IN' denied
Jul 22 11:22:48 ns1 named[16936]: client 89.36.21.43#12685: query 'www.wsiph3.com/A/IN' denied
Jul 22 11:22:49 ns1 named[16936]: client 89.36.21.43#12685: query 'www.wsiph3.com/A/IN' denied
Jul 22 11:22:49 ns1 named[16936]: client 89.36.21.43#12685: query 'ns1.wsiph3.com/AAAA/IN' denied
Jul 22 11:22:49 ns1 named[16936]: client 89.36.21.43#12685: query 'ns2.wsiph3.com/AAAA/IN' denied
Jul 22 11:23:14 ns1 named[16936]: client 195.60.98.252#4445: query 'wsiph3.com/SOA/IN' denied

thanks...

trickykid · 07-22-2008, 10:42 AM

Are these client denies from your own network? Is this DNS open to the world? Look like general requests for domains that this DNS is not setup or configured with, which is pretty typical with a DNS server that is accessible from the outside world.

imago · 07-22-2008, 10:45 AM

hi..

Can you teach me how plsssssssssss..

thanks

trickykid · 07-22-2008, 10:47 AM

Quote:

Originally Posted by imago

hi..

Can you teach me how plsssssssssss..

thanks

Teach you what? I can't teach you anything unless you answer my questions I asked.

imago · 07-22-2008, 10:52 AM

// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {

listen-on port 53 {127.0.0.1; 192.168.1.4;};
directory "/var/named";
forwarders {
58.69.254.72;
58.69.254.137;
};
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// query-source port 53;
// query-source-v6 port 53;
listen-on { any; };
allow-query { localhost; 192.168.1.0/24; };
};

zone "." IN {
type hint;
file "named.ca";
};

zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

zone "wsiph3.com" IN {
type master;
file "wsiph3.com.zone";
allow-update { none; };
};

zone "1.168.192.in-addr.arpa" IN {
type master;
file "wsiph3.com.rev.zone";
allow-update { none; };
};

include "/etc/rndc.key";

kindly check if it's right?

trickykid · 07-22-2008, 10:59 AM

Well, you have it to only allow localhost and 192.168.1.0/24:

Code:

allow-query { localhost; 192.168.1.0/24; };

So these clients trying to connect from 92.114.98.10 and 89.36.21.43 and 195.60.98.252 are getting denied cause you're not allowing them to query the server cause they don't fall into the 192.168.1.0/24 IP Range.

imago · 07-22-2008, 11:06 AM

thanks sir

trickykid · 07-22-2008, 11:09 AM

Quote:

Originally Posted by imago

thanks sir

No problem. Where's my "That was Easy!" button..