[lug] recommended package to forward all DNS requests to single IP address?

Bear Giles bgiles at coyotesong.com
Sun Jun 23 15:57:17 MDT 2019


>From some comments elsewhere it looks like what's actually going on may be
that my system was being used for 'dns amplification' attacks.

It looks like I managed to lock myself out, rendering this a moot issue.
Sigh.

I

H A T E

U B U N T U

N E T W O R K I N G

I've lost hours because a small change on my desktop broke everything and
the documentation has no relationship with reality. At least that's the
case with dnsmasq. I know it's not just my imagination since I tried making
a really safe change - increasing the size of the cache - and when I do a
kill -USR1 on the dnsmasq process it shows the same cache size. It doesn't
matter that I put the new setting under every dnsmasq.d directory. So it
makes me feel a little better that it's not my incompetence - but I've
still lost hours from this.

On Sun, Jun 23, 2019 at 12:52 PM ghe <ghe at slsware.net> wrote:

> On 6/23/19 11:46 AM, Bear Giles wrote:
>
> > Does anyone have a recommendation for a DNS server that forwards all
> > requests to a single IP address? Either a specialized one or just quick
> > notes on setting up a standard DNS server.
>
> I'm not sure what you're trying to do, but BIND/<that one on RIPE> +
> iptables do wonders.
>
> I'd think a packet filter (iptables) that allowed only one address to
> get to UDP 53 might do what you want to have happen (less the goatse
> pix, though). That's input. You could do something very similar on output.
>
> --
> Glenn English
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20190623/372e3a69/attachment.html>


More information about the LUG mailing list