Michael's questions -server

Michael

Asked: 2017-05-24 05:28:48 +0800 CST

How do DNS servers not get hijacked? [duplicate]

In a domain name registrar you have the option to set name servers as such: ns1.example.com, etc. and you don't have to specify the IP address of the name servers.

Well, what if I create a set of name servers and have them set as someone else's domain?

What is stopping the domain name from resolving to the lookalike DNS servers I just created ?

example:

Say you have a domain, peanuthead.com. You go to digital ocean and create two name servers with BInd9: ns1.peanuthead.com and ns2.peanuthead.com. you go back to your registrar and set your name servers to ns1.peanuthead.com and ns2.peanuthead.com. this means when you go to peanuthead.com it will query thoes dns servers.

What if someone randomly creates two name servers that you created, ns1.peanuthead.com and ns2.peanuthead.com? what stops the domain peanuthead.com from querying those name servers created by someone else?

Michael

Asked: 2017-05-09 14:59:04 +0800 CST

DNS server not resolving mail server host name

I have two name servers setup with bind. website, example.com, pings and displays fine so I know the dns record for it is ok. But, browsing to mail.example.com and pinging mail.example.com is a fail 90% of the time.

The funny thing is that sometimes a ping test does find mail.example.com and I can check my webmail just fine by browsing to mail.example.com but that only last for about 30 minutes then any ping test after that is back to not being able to resolve mail.example.com and I am not able to navigate to mail.example.com.

by the way, If I ping the mail server just by its public IP and not by the host name mail.example.com, everything is fine and resolving 100% of the time. I can also navigate to my mail server IP in the browser 100% of the time to check my mail and everything is fine. I know this is not a server issue, its got to be DNS.

I don't have something right with my DNS server.

please have a look at my information below and see if you can tell me what I am doing wrong.

When mail.example.com does load in the browser, I run a ping test and this is what I get.

Pinging mail.phrixis.com [52.27.16.178] with 32 bytes of data:
Request timed out.

its actually showing the IP to my mail server.

When I browse to mail.example.com and it doesn't load, I do a ping test and this is what I get.

ping mail.phrixis.com
ping: uknown host mail.phrixis.com

its not picking up the mail server IP at all this time, so that is why its not loading in the browser.

its as if my dns server half the time is saying, " yea, I know where mail.example.com is located" and then the other half of the time it saying "nope, I forgot where mail.example.com is at".

when logged into the ns1.example.com, I dig for mail.example.com and this is what I get.

[root@ns1 ~]# dig @localhost mail.phrixis.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.1 <<>> @localhost mail.phrixis.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8581
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;mail.phrixis.com.              IN      A

;; ANSWER SECTION:
mail.phrixis.com.       86400   IN      A       52.27.16.178

;; AUTHORITY SECTION:
phrixis.com.            86400   IN      NS      ns1.phrixis.com.
phrixis.com.            86400   IN      NS      ns2.phrixis.com.

;; ADDITIONAL SECTION:
ns1.phrixis.com.        86400   IN      A       107.170.58.69
ns2.phrixis.com.        86400   IN      A       138.197.212.168

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Mon May  8 20:00:02 2017
;; MSG SIZE  rcvd: 118

[root@ns1 ~]#

When logged into ns1.example.com, I dig example.com and this is what I get.

[root@ns1 ~]# dig @localhost phrixis.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.1 <<>> @localhost phrixis.com
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31758
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;phrixis.com.                   IN      A

;; ANSWER SECTION:
phrixis.com.            86400   IN      A       162.243.60.215

;; AUTHORITY SECTION:
phrixis.com.            86400   IN      NS      ns1.phrixis.com.
phrixis.com.            86400   IN      NS      ns2.phrixis.com.

;; ADDITIONAL SECTION:
ns1.phrixis.com.        86400   IN      A       107.170.58.69
ns2.phrixis.com.        86400   IN      A       138.197.212.168

;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Mon May  8 20:03:58 2017
;; MSG SIZE  rcvd: 113

[root@ns1 ~]#

Here is my named.conf file

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//

options {
        #listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        allow-transfer  { localhost; 138.197.212.168; };
        recursion no;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "phrixis.com" IN {
        type master;
        file "phrixis.com.zone";
        allow-update { none; };
};

Here is my example.com.zone file

$TTL 86400
@  IN   SOA     ns1.phrixis.com. root.phrixis.com. (
        2013042201      ;Serial
        3600            ;Refresh
        1800            ;Retry
        604800          ;Expire
        86400           ;Minimum TTL
)
; Specify our two nameservers
                IN      NS              ns1.phrixis.com.
                IN      NS              ns2.phrixis.com.
; Resolve nameserver hostnames to IP, replace with your two droplet IP     addresses.
ns1             IN      A               107.170.58.69
ns2             IN      A               138.197.212.168

; Define hostname -> IP pairs which you wish to resolve.
@               IN      A               162.243.60.215
WWW             IN      A               162.243.60.215
mail            IN      A               52.27.16.178
            IN      MX      10      mail.phrixis.com.

any response is greatly appreciated as I am new to running DNS servers.

How do DNS servers not get hijacked? [duplicate]

DNS server not resolving mail server host name

When mail.example.com does load in the browser, I run a ping test and this is what I get.

When I browse to mail.example.com and it doesn't load, I do a ping test and this is what I get.

when logged into the ns1.example.com, I dig for mail.example.com and this is what I get.

When logged into ns1.example.com, I dig example.com and this is what I get.

Here is my named.conf file

Here is my example.com.zone file

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?