1 2 http redhat com docs manuals enterprise rhel 3 manual
play

1 2 - PDF document

Dec 04, 2023 •216 likes •772 views

1 2 http://www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/ref-guide/s1- bind-zone.html 5 6 7 8 9 10 11 12 13 14 The sponsor of the TLD is responsible to develop of policies, ensure transparency and accountability in its

  1. 1

  2. 2

  4. http://www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/ref-guide/s1- bind-zone.html

  5. 5

  6. 6

  7. 7

  8. 8

  9. 9

  10. 10

  11. 11

  12. 12

  13. 13

  14. 14

  15. The sponsor of the TLD is responsible to develop of policies, ensure transparency and accountability in its operations, and maintain the best interest of the sponsored internet community. 15

  16. 16

  17. 17

  18. 18

  19. 19

  20. 20

  21. 21

  22. 22

  23. 23

  24. 24

  25. 25

  26. 26

  27. https://en.wikipedia.org/wiki/SOA_record namename of the zoneINzone class (usually IN for internet) SOAabbreviation for Start of Authority MNAMEPrimary master name server for this zone* UPDATE requests should be forwarded toward the primary master [2] * NOTIFY requests propagate outward from the primary master [3] RNAMEEmail address of the administrator responsible for this zone. (As usual, the email address is encoded as a name. The part of the email address before the @becomes the first label of the name; the domain name after the @ becomes the rest of the name. In zone-file format, dots in labels are escaped with backslashes; thus the email address john.doe@example.com would be represented in a zone file as john\.doe.example.com.) SERIALSerial number for this zone. If a secondary name server slaved to this one observes an increase in this number, the slave will assume that the zone has been updated and initiate a zone transfer. REFRESHnumber of seconds after which secondary name servers should query the master for the SOA record, to detect zone changes.

  28. Recommendation for small and stable zones: [4] 86400 seconds (24 hours). RETRYnumber of seconds after which secondary name servers should retry to request the serial number from the master if the master does not respond. It must be less than Refresh . Recommendation for small and stable zones: [4] 7200 seconds (2 hours). EXPIREnumber of seconds after which secondary name servers should stop answering request for this zone if the master does not respond. This value must be bigger than the sum of Refresh and Retry . Recommendation for small and stable zones: [4] 3600000 seconds (1000 hours). TTL, a.k.a. MINIMUMTime To Live for purposes of negative caching. Recommendation for small and stable zones: [4] 172800 seconds (2 days). Originally this field had the meaning of a minimum TTL value for resource records in this zone; it was changed to its current meaning by RFC 2308. [5] The MINIMUM field of the SOA controls the length of time that the negative result may be cached. when a name server loads a zone, it forces the TTL of all authoritative RRs to be at least the MINIMUM field of the SOA, here 86400 seconds, or one day. The <time-to-refresh> directive is the numerical value slave servers use to determine how long to wait before asking the master nameserver if any changes have been made to the zone. The <time-to-refresh> directive is the numerical value slave servers use to determine how long to wait before asking the master nameserver if any changes have been made to the zone. The <time-to-refresh> directive is the numerical value slave servers use to determine how long to wait before asking the master nameserver if any changes have been made to the zone. http://rscott.org/dns/soa.html: yes. Hostmaster.mylab.com is an email addfress. @ sign is not allowed in a rr. 27

  29. 28

  30. 29

  31. 30

  32. 32

  33. 33

  34. 34

  35. 35

  36. 36

  37. 37

  38. Source / Destination IP address These reflect the IP addresses of the machines that sent and should receive the packet. It's possible to forge the source address, but pointless to forge the destination. Analog in the real world: on an envelope sent in the US Mail, you can put anything you want as the return address — the source address — but if you lie about the recipient, it's not going to go where you want. Source / Destination port numbers DNS servers listen on port 53/udp for queries from the outside world, so the first packet of any exchange always includes 53 as the UDP destination port. The source port varies considerably (though not enough, as we'll find shortly): sometimes it's also port 53/udp, sometimes it's a fixed port chosen at random by the operating system, and sometimes it's just a random port that changes every time. As far as DNS functionality is concerned, the source port doesn't really matter as long as the replies get routed to it properly. But this turns out to be the crux of the problem at hand. Query ID This is a unique identifier created in the query packet that's left intact by the server sending the reply: it allows the server making the request to associate the answer with the question. A nameserver might have many queries outstanding at one time — even multiple queries to the same server — so this Query ID helps match the answers with the awaiting questions. This is also sometimes called the Transaction ID (TXID). QR (Query / Response) Set to 0 for a query by a client, 1 for a response from a server. Opcode Set by client to 0 for a standard query; the other types aren't used in our examples. AA (Authoritative Answer) Set to 1 in a server response if this answer is Authoritative, 0 if not. TC (Truncated) Set to 1 in a server response if the answer can't fit in the 512-byte limit of a UDP packet response; this means the client will need to try again with a TCP query, which doesn't have the same limits. RD (Recursion Desired) The client sets this to 1 if it wishes that the server will perform the entire lookup of the name recursively, or 0 if it just wants the best information the server has and the client will continue with the iterative query on its own. Not all nameservers will honor a recursive request (root servers, for instance, won't ever perform recursive queries).

  39. RA (Recursion Available) The server sets this to indicate that it will ( 1 ) or won't ( 0 ) support recursion. Z — reserved This is reserved and must be zero rcode Response code from the server: indicates success or failure Question record count The client fills in the next section with a single "question" record that specifies what it's looking for: it includes the name ( www.unixwiz.net ), the type ( A , NS , MX , etc.), and the class (virtually always IN =Internet). The server repeats the question in the response packet, so the question count is almost always 1 . Answer/authority/additional record count Set by the server, these provide various kinds of answers to the query from the client: we'll dig into these answers shortly. DNS Question/Answer data This is the area that holds the question/answer data referenced by the count fields above. These will be discussed in great detail later. 39

  40. 40

  41. 41

  42. 42

  43. 43

  44. 44

  45. 45

  46. 46

  47. 47

  48. 48

  50. 50

  51. 51

  52. Ways to amplify: To amplify a DNS attack, each DNS request can be sent using the EDNS0 DNS protocol extension, which allows for large DNS messages, or using the cryptographic feature of the DNS security extension (DNSSEC) to increase message size. Spoofed queries of the type “ANY,” which returns all known information about a DNS zone in a single request, can also be used. Upload a large TXT record, and query for that record 52

  53. 53

  54. 57

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Minor Aside MIPS manual posted: check it out http:// www-cse.ucsd.edu/classes/fa08/cse141/docs /

Minor Aside MIPS manual posted: check it out http:// www-cse.ucsd.edu/classes/fa08/cse141/docs /

Minor Aside MIPS manual posted: check it out http:// www-cse.ucsd.edu/classes/fa08/cse141/docs / 1 Measuring Performance: Chapter 4! Or My computer is faster than your computer with thanks to Larry Carter, UCSD 2 Performance Marches On

430 views • 29 slides
State-of-the-Art (SOTA) Manual Date February 4, 2011 1 State-of-the-Art (SOTA) Manuals

State-of-the-Art (SOTA) Manual Date February 4, 2011 1 State-of-the-Art (SOTA) Manuals

State-of-the-Art (SOTA) Manual Date February 4, 2011 1 State-of-the-Art (SOTA) Manuals SOTA Manual for Asphalt Pavement Production Plants Reviewed data that was the basis for the NO x limits in N.J.A.C. 7:27-19.9 Asphalt Pavement

869 views • 11 slides
Massachusetts Association of School Committees, Inc Online Policy Manual Online Policy Manuals

Massachusetts Association of School Committees, Inc Online Policy Manual Online Policy Manuals

Massachusetts Association of School Committees, Inc Online Policy Manual Online Policy Manuals Create a convenient, paperless policy collection Accessible to School Committee members, administrators, teachers, and parents Anytime,

77 views • 3 slides
Training Manual Google Docs and the Chrome browser work great together! If you do not have the

Training Manual Google Docs and the Chrome browser work great together! If you do not have the

Freehold Borough Schools Technology Department Training Manual Google Docs and the Chrome browser work great together! If you do not have the Chrome browser on your laptop, please put in a helpdesk ticket. Go to the district website

575 views • 18 slides
MDN Browser Compatibility Data Florian Scholz @floscholz MDN web docs MDN web docs is a

MDN Browser Compatibility Data Florian Scholz @floscholz MDN web docs MDN web docs is a

MDN Browser Compatibility Data Florian Scholz @floscholz MDN web docs MDN web docs is a collaborative, high quality web documentation site providing information about web technologies like HTML, CSS, JavaScript, Web APIs and HTTP.

495 views • 22 slides
gOlogy: impact of -O* on -g Alexandre Oliva aoliva@redhat.com http://people.redhat.com/~aoliva/

gOlogy: impact of -O* on -g Alexandre Oliva aoliva@redhat.com http://people.redhat.com/~aoliva/

1 gOlogy: impact of -O* on -g Alexandre Oliva aoliva@redhat.com http://people.redhat.com/~aoliva/ GNU Tools Cauldron, 2018 gOlogy: impact of -O* on -g Alexandre Oliva 2 Summary Project description Ground assumptions Main

945 views • 10 slides
Enterprise desktop at home with FreeIPA and GNOME Alexander Bokovoy ( abokovoy@redhat.com )

Enterprise desktop at home with FreeIPA and GNOME Alexander Bokovoy ( abokovoy@redhat.com )

January 30th, 2016 FOSDEM16 Enterprise desktop at home with FreeIPA and GNOME Alexander Bokovoy ( abokovoy@redhat.com ) Enterprise desktop at home with FreeIPA and GNOME 2 Enterprise? Enterprise desktop at home with FreeIPA and GNOME 3 *

978 views • 71 slides
Tracing Tools Michal Seklet ar msekleta@redhat.com March 21, 2019 whoami Senior Software

Tracing Tools Michal Seklet ar msekleta@redhat.com March 21, 2019 whoami Senior Software

Tracing Tools Michal Seklet ar msekleta@redhat.com March 21, 2019 whoami Senior Software Engineer RHEL systemd maintainer SW engineer interested in tracing and debugging Michal Seklet ar msekleta@redhat.com Tracing Tools March 21,

1.11k views • 38 slides
The Journalling Flash File System http://sources.redhat.com/jffs2/ David Woodhouse

The Journalling Flash File System http://sources.redhat.com/jffs2/ David Woodhouse

The Journalling Flash File System http://sources.redhat.com/jffs2/ David Woodhouse dwmw2@cambridge.redhat.com 1 The Grand Plan What is Flash? How is it used? Flash Translation Layer (FTL) NFTL Better ways of using it

355 views • 33 slides
The Journalling Flash File System http://sources.redhat.com/jffs2/ David Woodhouse

The Journalling Flash File System http://sources.redhat.com/jffs2/ David Woodhouse

The Journalling Flash File System http://sources.redhat.com/jffs2/ David Woodhouse dwmw2@cambridge.redhat.com 1 The Grand Plan What is Flash? How is it used? Flash Translation Layer (FTL) NFTL Better ways of using it

706 views • 43 slides
By the architecture of a system, I mean the complete and detailed specification of the user

By the architecture of a system, I mean the complete and detailed specification of the user

By the architecture of a system, I mean the complete and detailed specification of the user interface. For a computer this is the programming manual. For a compiler it is the language manual. For a control program it is the manuals for the

259 views • 8 slides
Wt Lab Manual Presentation Manufactured exclusively for LAB MARK. Optimal substitution Waste Tubes

Wt Lab Manual Presentation Manufactured exclusively for LAB MARK. Optimal substitution Waste Tubes

Wt Lab Manual Presentation Manufactured exclusively for LAB MARK. Optimal substitution Waste Tubes WT 96. QuickGene Price lists, manuals, presentation and leaflets at one place. WT.01.01.01. Policies Required roles for High Complexity Testing:

627 views • 3 slides
Vhost and VIOMMU Jason Wang &lt;jasowang@redhat.com&gt; (Wei Xu &lt;wexu@redhat.com&gt;) Peter

Vhost and VIOMMU Jason Wang &lt;jasowang@redhat.com&gt; (Wei Xu &lt;wexu@redhat.com&gt;) Peter

Vhost and VIOMMU Jason Wang &lt;jasowang@redhat.com&gt; (Wei Xu &lt;wexu@redhat.com&gt;) Peter Xu &lt;peterx@redhat.com&gt; Agenda IOMMU &amp; Qemu vIOMMU background Motivation of secure virtio DMAR (DMA Remapping) Design

550 views • 29 slides
First things first, sign up! http://openshift.redhat.com OpenShift, a little history Nov 2010

First things first, sign up! http://openshift.redhat.com OpenShift, a little history Nov 2010

First things first, sign up! http://openshift.redhat.com OpenShift, a little history Nov 2010 Makara acquired In 2011 merged into OpenShift project May 2012 Open Sourced GitHub, blogs, howto's, quickstarts, webinars

651 views • 32 slides
Container Live Migration Adrian Reber FOSDEM 2020, February 01 Red Hat Blog: Container

Container Live Migration Adrian Reber FOSDEM 2020, February 01 Red Hat Blog: Container

Container Live Migration Adrian Reber FOSDEM 2020, February 01 Red Hat Blog: Container migration with Podman on RHEL https://www.redhat.com/en/blog/container-migration-podman-rhel 2 FOSDEM 2020 Definition: Container Live Migration 3

789 views • 47 slides
Adit Enterprise. Adit Enterprise. Adit Enterprise. Adit Enterprise. ADIT Enterprise is a

Adit Enterprise. Adit Enterprise. Adit Enterprise. Adit Enterprise. ADIT Enterprise is a

Adit Enterprise. Adit Enterprise. Adit Enterprise. Adit Enterprise. ADIT Enterprise is a wholesale distribution business providing complete range of Electronic Security Systems Kamlesh 093232 51184 Adit Enterprise Adit Enterprise Adit

619 views • 29 slides
Meet Your Expectations With Guarantees: Beyond Worst-Case Synthesis in Quantitative Games V.

Meet Your Expectations With Guarantees: Beyond Worst-Case Synthesis in Quantitative Games V.

Meet Your Expectations With Guarantees: Beyond Worst-Case Synthesis in Quantitative Games V. Bruy` ere (UMONS) E. Filiot (ULB) M. Randour (UMONS-ULB) J.-F. Raskin (ULB) Paris - 24.01.2014 GDR IM GT Jeux: Annual Meeting Context BWC

1.54k views • 125 slides
On first-order model-based reasoning Maria Paola Bonacina Dipartimento di Informatica Universit`

On first-order model-based reasoning Maria Paola Bonacina Dipartimento di Informatica Universit`

Outline Introduction Semantic guidance Goal sensitivity Model-based reasoning SGGS: Semantically-Guided Goal Sensitive reasoning On first-order model-based reasoning Maria Paola Bonacina Dipartimento di Informatica Universit` a degli Studi

926 views • 38 slides
Lecture 8: Use Cases and Scenarios 2017-06-01 Prof. Dr. Andreas Podelski, Dr. Bernd Westphal

Lecture 8: Use Cases and Scenarios 2017-06-01 Prof. Dr. Andreas Podelski, Dr. Bernd Westphal

Softwaretechnik / Software-Engineering Lecture 8: Use Cases and Scenarios 2017-06-01 Prof. Dr. Andreas Podelski, Dr. Bernd Westphal Albert-Ludwigs-Universitt Freiburg, Germany 8 2017-06-01 main Topic Area Requirements

1.25k views • 98 slides
Synergistic use of AIRS/MODIS by using spatial and spectral response information An

Synergistic use of AIRS/MODIS by using spatial and spectral response information An

Synergistic use of AIRS/MODIS by using spatial and spectral response information An investigation of radiance differences sorted by cloud and atmospheric quantities M. Schreier, B.H. Kahn, A. Eldering, E. Fishbein D. A. Elliot, V.T. Dang, F.

704 views • 20 slides
WELCOME TO WEEK 4 OF SIMPLE IF YOU DIDNT ALREADY PLEASE GET A 3 RING BINDER AND A NOTEBOOK

WELCOME TO WEEK 4 OF SIMPLE IF YOU DIDNT ALREADY PLEASE GET A 3 RING BINDER AND A NOTEBOOK

WELCOME TO WEEK 4 OF SIMPLE IF YOU DIDNT ALREADY PLEASE GET A 3 RING BINDER AND A NOTEBOOK Have them with you at each session File different forms Write down and track homework Write down and track homework Jot down notes Tracking each

811 views • 79 slides
There is an expression similar to this in the Koran. &quot;The impious, who in his arrogance

There is an expression similar to this in the Koran. &quot;The impious, who in his arrogance

There is an expression similar to this in the Koran. &quot;The impious, who in his arrogance shall accuse our doctrine of falsity, shall find the gates of heaven shut: nor shall he enter there till a camel shall pass through the eye of a

280 views • 11 slides
Spirituality in Counselling and Psychotherapy Prof. William West, Reader in Counselling Studies,

Spirituality in Counselling and Psychotherapy Prof. William West, Reader in Counselling Studies,

Spirituality in Counselling and Psychotherapy Prof. William West, Reader in Counselling Studies, University of Manchester. Visiting Professor, University of Chester Out beyond ideas of wrongdoing and rightdoing there is a field. I'll meet

544 views • 18 slides
Spirituality in Counselling and Psychotherapy Prof. William West, Reader in Counselling Studies,

Spirituality in Counselling and Psychotherapy Prof. William West, Reader in Counselling Studies,

Spirituality in Counselling and Psychotherapy Prof. William West, Reader in Counselling Studies, University of Manchester. Visiting Professor, University of Chester Out beyond ideas of wrongdoing and rightdoing there is a field. I'll meet you

846 views • 25 slides

More recommend