[H-GEN] dns problems
Jason Henry Parker
jasonp at uq.net.au
Tue Sep 4 06:12:00 EDT 2001
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Please observe the list's charter. ]
[ Worthwhile understanding: http://www.humbug.org.au/netiquette.html ]
Bradley Marshall <bradm at uq.net.au> writes:
> This happens occasionally with anz.com - they have a
> ridiculously low TTL, as you can see by the SOA. This can
> cause problems as you see above.
>
> $ host -t soa anz.com
> anz.com SOA bastion02.anz.com hostmaster.anz.com (
> 2001082800 ;serial (version)
> 900 ;refresh period (15 minutes)
> 900 ;retry interval (15 minutes)
> 604800 ;expire time (1 week)
> 60 ;default ttl (1 minute)
> )

How does a low TTL (and this one _is_ ridiculously low) cause the
problems seen? The BIND manpage says it's used for negative caching
and refers the reader to RFC 2308, which references RFC 1034.

It's not clear to me how this problem comes about; how exactly is a
low default TTL exploited to wrest control of a record?
--
||----|---|------------|--|-------|------|-----------|-#---|-|--|------||
| linux.conf.au 2002 call for papers released! jasonp at uq.net.au |
| see http://linux.org.au/conf/ #soc.bi on OPN |
||--|--------|--------------|----|-------------|------|---------|-----|-|