Date: Mon, 14 May 2001 20:35:22 -0700 From: Gary Kline <kline@tao.thought.org> To: Ted Mittelstaedt <tedm@toybox.placo.com> Cc: Kris Kennaway <kris@obsecurity.org>, John Baxter <jbaxter@mmcable.com>, "Dan Mahoney, System Admin" <danm@prime.gushi.org>, questions@FreeBSD.ORG Subject: Re: onitoring named Message-ID: <20010514203522.A9968@tao.thought.org> In-Reply-To: <001201c0dce7$821145a0$1401a8c0@tedm.placo.com>; from tedm@toybox.placo.com on Mon, May 14, 2001 at 07:34:04PM -0700 References: <20010514025811.A32800@xor.obsecurity.org> <001201c0dce7$821145a0$1401a8c0@tedm.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 14, 2001 at 07:34:04PM -0700, Ted Mittelstaedt wrote: > >-----Original Message----- > >From: Kris Kennaway [mailto:kris@obsecurity.org] > >Sent: Monday, May 14, 2001 2:58 AM > >To: Ted Mittelstaedt > >Cc: John Baxter; Dan Mahoney, System Admin; Kris Kennaway; > >questions@FreeBSD.ORG > >Subject: Re: onitoring named > > Here's my dime's worth re a crashing named: I just finished configuring `thought.org' to be its own server: DNS, mail, web. Beginning from knowing virtually 0.0, things are working and, having read the first of at least 2 DNS/BIND/networking books, I am a wee bit more savvy. But, when I was _close_ and when my BIND configuration wasn't quite right, named would coredump at least once a day. My first suspicion was that some cracker was trying to break in..... and my BIND is v 9.1.1. I still cannot prove the coredumps were *not* due to a cracker; but since things are correct-- T's crossed, I's dotted, no more core files. gary > > > >On Mon, May 14, 2001 at 12:52:58AM -0700, Ted Mittelstaedt wrote: > > > >> Today, the most commmon response I see to nameserver problems is > >> "oh, your nameserver MUST have been hacked". This is an exciting, sexy > >> answer that just about anyone can give. > > > >Which -- so very inconveniently for your thesis -- happens to be true. > > > > I'm not sure if your agreeing that this is the most commonly given answer, > or your stating that most nameserver problems are a result of crack > attempts. > > >> It requires no real understanding of DNS by either the giver or the > >> receiver. I guess I'm just getting sick and tired of hearing it > >> because my own experience is that most likely the problem is that > >> the DNS server has, in fact, NOT been cracked, and that the problem > >> is something more subtle. > > [[ ... ]] -- Gary D. Kline kline@thought.org www.thought.org Public service Unix To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010514203522.A9968>