Fast-Flux domain: a very clear example

This is a very clear example of a Fast-Flux domain. In the ANSWER SECTION:

1) low TTL value (10 seconds)
2) different /16 networks
3) a different ASN for every IP address
4) CNAME for several IP addresses

dig 1476529054.xiazaidown.com

; <<>> DiG 9.9.5-9+deb8u7-Debian <<>> 1476529054.xiazaidown.com
…
;; ANSWER SECTION:
1476529054.xiazaidown.com. 600    IN    CNAME    xzz.dns-vip.net.
xzz.dns-vip.net.   […]

Net::DNS::Simple new version

Added an option that allows the user to specify distinct nameservers for name resolution. The Net::DNS::Simple documentation is updated.

use Net::DNS::Simple;

# Resolver options: use these nameservers, recursion not requested, debug off
my %config = (
    nameservers => ['192.168.86.7', '192.168.86.8'],
    recurse     => 0,
    debug       => 0,
);

my $res = Net::DNS::Simple->new("kaiux.com", "A", %config);

This feature is supported in Net::DNS::Resolver by default.

Non-authenticated data OK: Non-authenticated data is acceptable

DNS queries are usually well formed, but since everything has its exception, look at the following DNS query:

00:00:13.372296 IP CLIENTE_DNS.43525 > SERVIDOR_DNS.53: 14737% [1au] MX? DOMÍNIO.gov.br. (39)

Let's look at this packet in more detail:

00:00:13.372296 IP (tos 0x0, ttl 49, id 0, offset 0, flags [DF], proto: UDP (17), length: 67) CLIENTE_DNS.43525 > SERVIDOR_DNS.53: […]

DNS tcpdump hacks

tcpdump is the true Swiss Army knife of every system administrator and network operator. With Berkeley Packet Filter (BPF) expressions we can extend tcpdump's functionality.

UDP Header

For example, the UDP header defined in the RFC. UDP filters for each field of the […]