From owner-freebsd-chat@FreeBSD.ORG Wed Jul 23 10:14:55 2003 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5450C37B404 for ; Wed, 23 Jul 2003 10:14:55 -0700 (PDT) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id 90C4C43FBF for ; Wed, 23 Jul 2003 10:14:54 -0700 (PDT) (envelope-from brad.knowles@skynet.be) Received: from [10.0.1.2] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.6p2/8.12.3) with ESMTP id h6NHEntS024257; Wed, 23 Jul 2003 13:14:50 -0400 (EDT) (envelope-from brad.knowles@skynet.be) Mime-Version: 1.0 X-Sender: bs663385@pop.skynet.be Message-Id: In-Reply-To: <3F1EDA3F.1998.C3F0EA@localhost> References: <3F1EDA3F.1998.C3F0EA@localhost> Date: Wed, 23 Jul 2003 19:14:22 +0200 To: "Nils Holland" From: Brad Knowles Content-Type: text/plain; charset="us-ascii" ; format="flowed" cc: freebsd-chat@freebsd.org Subject: Re: DNS Question (quite a bit OT) X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jul 2003 17:14:55 -0000 At 6:55 PM +0200 2003/07/23, Nils Holland wrote: > What you have found out is actually correct, and that's the problem, > because you I want to change it. The nameservers currently "responsible" > for thunderbridge.de are ns{1,2}.modwest.com. Ahh, okay. I missed that part. Sorry! > It has also been set up > Concerning the other "oddities" you have discovered: I don't care much > about Modwest once I'm out of there, but I will let the loadbalanced.net > folks know about them. Just keep in mind that any zones you have hosted on their machines are vulnerable, and any machines within those zones could be more easily broken into by using them as a vector. If you're not going to work with them to try to help them get their stuff fixed before you move, then you want to be quick about moving your stuff somewhere else. > Interestingly, these folks don't seem to have > much of a clue about DNS anyway, upon my first type=soa query I sent to > their servers yesterday, I saw that the serial for both thunderbridge.de > and loadbalanced.net was set to 0. Even I know that this isn't too > sane, and I bet DeNIC would also have complained about this, if it > hadn't been corrected. An SOA serial number of 0 is technically legal, but would almost certainly have raised additional flags at DEnic. > And thanks for your suggestions, I'll have a look at the debugging > tools you mentioned, so I get more of a clue about this myself ;-) Good luck! -- Brad Knowles, "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)