North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: address spoofing

  • From: Roeland M.J. Meyer
  • Date: Mon Apr 26 04:53:15 1999

The third edition "DNS and BIND" books, from O'Reilly <http://www.ora.com> also goes into detail on how to do it.

-----------------------------
Roeland M.J. Meyer
Morgan Hill Software Company, Inc.
http://staff.mhsc.com/~rmeyer
mailto://[email protected]
-----------------------------
You can always tell the people that are forging the new frontier.
They're the ones with flaming arrows sticking out of their backs and
looking a little charred around the edges.

 



> -----Original Message-----
> From: [email protected] [mailto:[email protected]]On Behalf Of
> Andrew Brown
> Sent: Sunday, April 25, 1999 8:10 AM
> To: Phil Howard
> Cc: [email protected]
> Subject: Re: address spoofing
> 
> 
> >> then, you can have (if you want) another bind listening on other
> >> interfaces for other stuff.  like the "internal dns" server that you
> >> mentioned.  or maybe a recursive, caching-only server that listens
> >> only on 127.0.0.1.  of course...they can speak to each other if need
> >> be.  :)
> >
> >I tried 2 instances of BIND and they didn't work right.  One functioned
> >and the other played dead (very dead ... as in the process blocked and
> >would not wake up).  One needs 2 separate machines to get it to actually
> >work right (times the amount of redundancy desired).  If you know the
> >magic to make it work right, I'd sure like to know.  Maybe some kind of
> >lock somewhere?
> 
> the trick is to tell them specifically to listen on different
> interfaces.  if you don't do that, then they will collide.  other
> things (such as a different query or forwarding port, a separate pid
> file, etc.) are also rather necessary.
> 
> i will attach a small shar file that paul vixie posted to the
> bind-workers mailing list a little over a year and a half ago that
> demonstrates exactly this.
> 
> -- 
> |-----< "CODE WARRIOR" >-----|
> [email protected]             * "ah!  i see you have the internet
> [email protected] (Andrew Brown)                that goes *ping*!"
> [email protected]       * "information is power -- share the wealth."
>