BIND9 have very good function RPZ.
You can create DNS zone (like malware) and add malicious domains in it.
DNS server in response is giving my defined IP address aka DNS Firewall
[zone file]
...
$ORIGIN com.malware.
$TTL 5 ; 5 seconds
example A 127.0.0.1
[request]
$ dig example.com +short
127.0.0.1
[log]
(example.com): rpz QNAME Local-Data rewrite example.com/A/IN via example.com.malware
I wondering, if Windows Server 2019 DNS have the same native functionality?
I read all documentation regarding DNS Policy without any luck
Related
I am using Windows Server 2019 and in IIS 10 I have created a website and I have bound it to both: "localhost" and "mydomain.com" on port 80.
mydomain.com works correctly from any client but on the server only when I call "localhost" it works otherwise I get the following error (when called by domain):
Configure your DNS in your local server to resolve the domain name as localhost
On clients, your request domain.com is resolved by its configured DNS.
It can be on public DNS (internet) or private ones (company, intranet).
From the server domain.com, do you have access to the same DNS than your clients use ?
If not, either configure additional DNS servers :
https://serverspace.io/support/help/configuring-a-dns-server-on-windows-server-2012-or-later/
or you could edit you Host file of mydomain.com (local DNS):
C:\Windows\System32\drivers\etc\hosts
It may look like that :
127.0.0.1 localhost
127.0.1.1 mydomain.com
# and existing settings
I have a domain bought from GoDaddy. I have set the custom name servers this
ns1.domain.com
ns2.domain.com
and set hostname
ns1 52.70.xxx.xxx(aws ip)
ns2 52.70.xxx.xxx (aws ip)
As I have installed WHM in my amazon aws instance. so In WHM, I have created an account and then went to Edit DNS Zone and added A records. These are my settings there
But I don't see my domain working and I am not able to see Cpanel of the domain as well.
what am I missing?
Please follow these steps to integrate your domain into whm and create a cpanel.
Create an account in WHM by going into Account Functions->Create Account: enter your domain here
Go to DNS Functions->Edit Dns Zone and click your domain and add A records
Then Go to Godaddy or any Company where you have purchased your domain and edit the name servers. For example if the nameservers you set in whm dns were ns1 and ns2 then same add here(e.g godaddy). In your case it would be
ns1.domain.com
ns2.domain.com
Click Manage hostname in Godaddy and add
ns1 52.70.xxx.xxx(aws ip)
ns2 52.70.xxx.xxx (aws ip)
Your domain should be working here. But If still It didn't work then
Check if ports(2087,2083,53,2095) are open. Check it from the terminal
nmap -Pn -sT 172.31.iphere --reason -p 2087,2083,2095,53
If any port is closed. Open it from the aws by going into Security Firewall.
Please note, 2083 and 2095 will always show as closed from external port scans as these ports are only opened publicly based on valid sessions established from within the cPanel server.
Verify again if your DNS port is opened
nmap -Pn -sT 172.31.iphere --reason -sU -p 53
After opening all the ports rebuilt your DNS configuration on the server by typing these commands on the terminal
cpanel root#9449099 /var/named]cPs# cd /etc
cpanel root#9449099 /etc]cPs# mkdir /root/cptechs
cpanel root#9449099 /etc]cPs# mv named.conf /root/cptechs
cpanel root#9449099 /etc]cPs# mv rndc.* /root/cptechs
cpanel root#9449099 /etc]cPs# /scripts/rebuilddnsconfig
Hope it helps
Are you using Nameservers for domain.com that are ns1/2.domain.com?
If this is the case the domain will not be able to resolve without adding the ns1/2. as "Child Nameservers".
You can create that for your domain through GoDaddy https://uk.godaddy.com/help/add-my-own-host-names-as-nameservers-12320
Alternatively - you can post your domain so we can troubleshoot it if it's a DNS issue.
I'm installing Zimbra Collaboration Server on my local machine to test them mail server. During installation I got error:
DNS ERROR resolving MX for my.local.domain
It is suggested that the domain name have an MX record configured in DNS
I don't have experience with zimbra or mail serwer. In Internet I found incomplete solutions like:
Add this record to config:
server1 IN MX 10 server1.tm.local.
but I don't know where exactly should I add this or how to proper config mail server.
My question is, how to proper config dns to work with zimbra?
You can install zimbra without MX record but A record of the hostname must be resolved on installation
you have to set a hostname with :
#hostname server1.yourdomain.com
edit /etc/hostname and enter "server1"
edit /etc/hosts by adding :
ip-address server1.yourdomaine.com server1
test it by pinging server1.yourdomaine.com
restart the install when zimbra tell you if want to change mx record answer by NO
I have an EC2 instance (Amazon AMI) on AWS and I have a purchased a domaine name on Gandi.net.
Let's imagine my domain name is "teaorcoffee.com".
On Gandi, I have set up a sub-domain name "dev" to delegate DNS to my EC2 instance. Here is the configuration in the zone file on Gandi :
dev 10800 IN NS ec2-22-222-222-22.eu-west-1.compute.amazonaws.com.
I would like to configure sub-domain of "dev.teaorcoffee.com" on my EC2 instance, like "sql.dev.teaorcoffee.com".
I am trying to do that with :
the "bind" util
the file "named.conf.local" wich is included in the file "named.conf"
and a "dev.teaorcoffee.com" zone file
but without success.
Here is the "named.conf.local" file :
zone "dev.teaorcoffee.com" IN {
type master;
file "/var/named/dev.teaorcoffee.com";
allow-update { none; };
};
Here is the "dev.teaorcoffee.com" zone file :
$TTL 60
# IN SOA master.dev.teaorcoffee.com. support.teaorcoffee.com. (
2013030300
60
60
60
38400 )
dev.teaorcoffee.com. IN NS master
master.dev.teaorcoffee.com. IN A 127.0.0.1
sql IN CNAME master
I can restart the dns without any error with the command :
sudo /etc/init.d/named restart
But when I am trying to do a nslookup on "dev.teaorcoffee.com" and its sub-domain, I get the following error :
nslookup dev.teaorcoffee.com
Server: 127.0.0.1
Address: 127.0.0.1#53
* Can't find dev.teaorcoffee.com: No answer
What can I change to make it work ?
Thanks in advance for any help.
Once you have created an A record for your subdomain poiting to your EC2 server you are good to go.
If you're going to use Apache just configure the virtual host in your apache httpd.conf http://httpd.apache.org/docs/2.2/vhosts/examples.html
If you are going to use like a mysql server, there is nothing to do.
Just make sure the port of the services you are going to use are opened in your EC2's security group.
And an advice, migrate your domain zone to route 53 - is much easier to admin.
HTH
I have a centOS system(embedded and has very binaries) with the following /etc/hosts.
$cat /etc/hosts
127.0.0.1 localhost localhost
Also the host is assigned a DNS server which returns some invalid IP for the domain name lookup of localhost. But I cannot avoid a connection to this DNS due to some network restrictions.
My question is, when I already have a valid /etc/hosts file why is the system querying the DNS for localhost? And how can I stop that?
Any help would be greatly appreciated.
Check that you have files listed before dns for the hosts entry in /etc/nsswitch.conf.
[me#home]$ grep "^hosts" /etc/nsswitch.conf
hosts: files dns
If dns comes first, then your system will always query DNS to resolve hostnames before falling back to /etc/hosts.