DTP


 
Lively discussions on the graphic arts and publishing — in print or on the web


Go Back   Desktop Publishing Forum > General Discussions > Web Site Building & Maintenance

Reply
 
Thread Tools Display Modes
Old 03-15-2006, 01:44 AM   #1
Kelvyn
Staff
 
Kelvyn's Avatar
 
Join Date: Feb 2005
Location: In the Heart of the English Lake District
Posts: 1,381
Default Threat to DNS servers?

Recent changes to the checking system used by DNSreport mean that a long-standing potentially serious problem with DNS servers is now highlighted. This change in reporting has come about following the recent use of DDDoS (DNS Distributed Denial of Service) attacks. These are potentially much more serious than DDoS attacks.

Discussions elsewhere are bringing this issue to the attention of spammers and hackers. This potential vulnerability is not new, but the publicity cannot be good for all users of the Internet, especially as a very large proportion of DNS servers are currently susceptible.

See this discussion on WebmasterWorld. This report shows that the site hosting this forum is at risk - as are many of my sites.

No need for any panic on this, but obviously there will need to be changes in the way that DNS servers are set up and operated - and probable cost implications.

   
__________________
Kelvyn

Web site design, hosting and marketing, Keswick in the UK Lake District

If you are planning a visit to Keswick then try Keswick Tourist Information website

Kelvyn is offline   Reply With Quote
Old 03-15-2006, 02:25 AM   #2
iamback
Member
 
iamback's Avatar
 
Join Date: Oct 2005
Location: Amsterdam, NL
Posts: 4,894
Default

Kelvyn,

Can you maybe summarize the dicussion on WebmasterWorld? I don't have an account (and suspect many of us don't) so can't read it.

   
__________________
Marjolein Katsma
Look through my eyes on Cultural Surfaces (soon!), My ArtFlakes shop and Flickr.
Occasionally I am also connecting online dots... and sometimes you can follow me on Marjolein's Travel Blog
iamback is offline   Reply With Quote
Old 03-15-2006, 05:07 AM   #3
Kelvyn
Staff
 
Kelvyn's Avatar
 
Join Date: Feb 2005
Location: In the Heart of the English Lake District
Posts: 1,381
Default

You don't need a paid account to view, just sign in for free. The thread already spans 25 messages is pretty technical so difficult to summarise.

   
__________________
Kelvyn

Web site design, hosting and marketing, Keswick in the UK Lake District

If you are planning a visit to Keswick then try Keswick Tourist Information website

Kelvyn is offline   Reply With Quote
Old 03-15-2006, 08:27 AM   #4
gary
Member
 
Join Date: Dec 2004
Location: In the heart of Lake Minnetonka
Posts: 337
Default

The DNS server, operated by SpeedHost, is an open DNS server; it allows any host to ask it about names (e.g., microsoft.com) it does not host. Presumably this is because SpeedHost has only one set of DNS servers and they are used for both internal (hosted server) and external (user) purposes.

Note that one of the DNS servers for this forum runs on the same IP address as the forum; switching DNS hosting (for dtpf) to ZoneEdit, DynDNS or such might make some sense.

A long time ago I noticed someone using my (then recursive) DNS server to look up records for a long (alphabetically sorted) list of domains - causing me split my DNS service into (1) external servers which only provide DNS for names I host and (2) internal servers providing recursive lookup only for authorized (local) hosts. When using recent named/bind as the server this could be done using 'views' in lieu of separate servers.

Note that the tests performed by DNSReport are not all accurate; for example the 'abuse@...' test attempts to send ONE message from "<>" to THREE addresses at once. This is called "multi-recipient bounce" and is specifically prohibited by mail servers I operate so DNSReport generates a false "Fail" in that case.
gary is offline   Reply With Quote
Old 03-15-2006, 11:24 AM   #5
iamback
Member
 
iamback's Avatar
 
Join Date: Oct 2005
Location: Amsterdam, NL
Posts: 4,894
Default

Quote:
Originally Posted by Kelvyn
You don't need a paid account to view, just sign in for free.
Maybe I'm dense but how do you do that if you are not a member? I see a box captioned "Member Login:" (I am not a member) and below that box "Subscribe to WebmasterWorld" with options for a 'Six Month Subscription' and a 'One Year Subscription Save 30%'. I don't see anything about free sign in.

   
__________________
Marjolein Katsma
Look through my eyes on Cultural Surfaces (soon!), My ArtFlakes shop and Flickr.
Occasionally I am also connecting online dots... and sometimes you can follow me on Marjolein's Travel Blog
iamback is offline   Reply With Quote
Old 03-15-2006, 11:32 AM   #6
gary
Member
 
Join Date: Dec 2004
Location: In the heart of Lake Minnetonka
Posts: 337
Default

Quote:
Originally Posted by iamback
I see a box captioned "Member Login:"
Kelvyn's link takes me (FF 1.0.7 under Linux) directly to the (DNS Recursion) discussion...

I think "DNS Recursion Repercussion" would have had a better ring to it...
gary is offline   Reply With Quote
Old 03-15-2006, 11:40 AM   #7
ktinkel
Founding Sysop
 
ktinkel's Avatar
 
Join Date: Oct 2004
Location: In Connecticut, on the Housatonic River near its mouth at Long Island Sound.
Posts: 11,189
Default

Quote:
Originally Posted by iamback
Maybe I'm dense but how do you do that if you are not a member? I see a box captioned "Member Login:" (I am not a member) and below that box "Subscribe to WebmasterWorld" with options for a 'Six Month Subscription' and a 'One Year Subscription Save 30%'. I don't see anything about free sign in.
I was puzzled at first, but then saw in small type an invitation to Register (not Subscribe).

I can’t repeat it, since I did register, so cannot describe exactly where it is, but it’s there! They instantly sent me an e-mail, I clicked and was registered.

   
__________________
[SIZE=2][COLOR=LemonChiffon]::[/COLOR][/SIZE]
[SIGPIC][/SIGPIC]
ktinkel is offline   Reply With Quote
Old 03-15-2006, 12:20 PM   #8
iamback
Member
 
iamback's Avatar
 
Join Date: Oct 2005
Location: Amsterdam, NL
Posts: 4,894
Default

Quote:
Originally Posted by gary
Kelvyn's link takes me (FF 1.0.7 under Linux) directly to the (DNS Recursion) discussion...
Maybe you already have an account?

It actually just redirects me to here:
Code:
http://www.webmasterworld.com/login.cgi?status=&url=http://www.webmasterworld.com/forum23/4488.htm
(put in a code box to hopefully prevent ellipsing of the URL here).

As I can see it. I can only read the discussion if I log in; to log in, I need to be a member, and to be a member I need to subscribe - IOW, pay.

   
__________________
Marjolein Katsma
Look through my eyes on Cultural Surfaces (soon!), My ArtFlakes shop and Flickr.
Occasionally I am also connecting online dots... and sometimes you can follow me on Marjolein's Travel Blog
iamback is offline   Reply With Quote
Old 03-15-2006, 01:03 PM   #9
ktinkel
Founding Sysop
 
ktinkel's Avatar
 
Join Date: Oct 2004
Location: In Connecticut, on the Housatonic River near its mouth at Long Island Sound.
Posts: 11,189
Default

Quote:
Originally Posted by iamback
Maybe you already have an account?
They didn’t know me from Adam (and I don’t believe I had ever been there, either, but they discard registrations after 30 days without logging in).

Try this link, which is directly to one of the forums:
http://www.webmasterworld.com/forum21/11910.htm

I chose a topic dear to your heart: “Which browsers should I use to test my web pages?”

   
__________________
[SIZE=2][COLOR=LemonChiffon]::[/COLOR][/SIZE]
[SIGPIC][/SIGPIC]
ktinkel is offline   Reply With Quote
Old 03-15-2006, 02:31 PM   #10
gary
Member
 
Join Date: Dec 2004
Location: In the heart of Lake Minnetonka
Posts: 337
Default

Quote:
Originally Posted by iamback
Maybe you already have an account?
No, strange. I checked all my saved passwords and even opened a different browser profile (partial image attached)
Attached Thumbnails
Click image for larger version

Name:	wmworld.png
Views:	81
Size:	57.2 KB
ID:	450  
gary is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -8. The time now is 01:53 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Contents copyright 2004–2014 Desktop Publishing Forum and its members.