At approximately 3pm PST, the Syrian Electronic Army seemingly hacked into Twitter, Huffington Post and NY Times’ registry accounts altering contact details, and more significantly, DNS records. Modifying DNS records of a domain will allow SEA to redirect visitors to any site of their choosing.

Contact details for the Twitter.com domain were changed, but it’s reasonable to assume that if the SEA had the ability to change contact information, they may very well have had the ability to change DNS records and point the Twitter.com domain elsewhere, redirecting visitors and users.

The SEA also altered the DNS records for twimg.com which Twitter uses for virtually all CSS, JS, images, cookies and more. This means for many users, Twitter.com wouldn’t load correctly and avatars were unavailable across many Twitter clients.

[Story via TNW]

check_dns usage is as below

$ ./check_dns -H host [-s server] [-a expected-address] [-A] [-t timeout] [-w warn] [-c crit]

Try to run the command as below and you will get the query result

$ ./check_dns -H systems.takizo.com -s 8.8.8.8        
DNS OK: 0.012 seconds response time. systems.takizo.com returns 70.32.103.130|time=0.011703s;;;0.000000

Sweet, that is the DNS query plugin, it does DNS query check on your DNS host server and return the query time.
Here is how to activate the monitoring, add the check_dns plug-in into Nagios’ commands.cfg configuration file.

On FreeBSD server, it’s located at /usr/local/etc/nagios/objects/commands.cfg
Edit the file commands.cfg and add the line below

define command {
        command_name    check_dns
        command_line    $USER1$/check_dns -H $HOSTADDRESS$ -s $ARG1$
}

• $ARG1$ is the argument you will parse into in the configuration
• $HOSTADDRESS$ is your host on Nagios monitoring.

Next, put the line below into service check configuration file

define service {
        use                                  generic-service
        host_name                       your-dns-host
        service_description          Check Google.com on DNS Server
        check_command              check_dns!www.google.com
}

Restart your Nagios service now

$ /usr/local/etc/rc.d/nagios restart

If it’s failed, you will the red color on the monitoring status. There are a lot other plug-ins can be explore too. Have fun.

• Bind DLZ – The Bind extension which can store your data in database MySQL, PostgreSQL and etc.
• NSD – A lot people didn’t know about Name Server Daemon, find out more from the eBook.
• DNS Planning – Name Server deployment planning, capacity planning and how to scale.
• PowerDNS – Configure and master it.
• LDAP DNS – Deploy DNS server with LDAP.

Alright, enough with the talks, where to download the eBook? It’s FREE for Download here

Here is how to find out the reverse DNS IP address is pointed to which DNS server for zone delegation.

dig -x 175.136.188.90

; <<>> DiG 9.6.0-APPLE-P2 <<>> -x 175.136.188.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21938
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;90.188.136.175.in-addr.arpa.   IN      PTR

;; AUTHORITY SECTION:
136.175.in-addr.arpa.   10800   IN      SOA     ns1.tm.net.my. dnsadm.tmnet.com.my. 2011012113 10800 3600 604800 86400

;; Query time: 37 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Jan 22 19:39:12 2011
;; MSG SIZE  rcvd: 111

The result above shown

• The SOA record shown the IP Address is pointed to ns1.tm.net.my for reverse DNS delegation.
• The zone 136.175.in-addr.arpa is delegating the IP 175.136.188.90

This command is pretty useful when you want to find out is the reverse DNS delegation works correctly.

28-Jun-2010 16:28:24.283 general: max open files (3520) is smaller than max sockets (4096)

It’s something to do with kernel setting, on FreeBSD, configure the following

shell> sysctl kern.maxfiles=4096  
shell> sysctl kern.maxfilesperproc=4096

Alternatively, put the above configuration on /etc/sysctl.conf in order to configure it at start up level.

logging{
        channel query_logging {
                file "/var/log/query.log" versions 3 size 10m;
                severity debug 3;
                print-time yes;
                print-severity yes;
                print-category yes;
        };

        category queries {
                query_logging;
        };
};

To turn on query logging while DNS service is running; you need to to rndc querylog and check the status with rndc status

shell> rndc querylog
shell> rndc status 
version: 9.x.x
number of zones: 1200
debug level: 3
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is ON
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running

query logging is ON indicates that DNS query logging is activated.

What DNS Server to use? We will use OpenDNS server for DNS Setup.

DNS Setup on Windows Vista

On your Windows Vista, follow the step below;

• Click on “Windows Start Button”, then select “Control Panel”.
• Click on “Network and Internet”
• Click on “Network Center”
• Click on “Personalize”, next to your network
• Click on “Properties” button.
• Another window will pop up – click on “Properties” button, again
• Vista will ask for your permission to make changes. Click “Continue” button.
  Make sure you have administrative rights on your system before making changes.
• Select “Internet Protocol Version 4 (TCP/IPv4)”, then click on “Properties” button.
• Click the radio button “Use the following DNS server addresses” and type in OpenDNS addresses in the “Preferred DNS server” and “Alternate DNS server” fields.

Preferred DNS server address for Open DNS is: 208.67.222.222
Alternate DNS server address for Open DNS is: 208.67.220.220

• Click on “OK” button.
• Restart your computer.

DNS Setup on Apple Mac OS X

On Apple Mac, follow the steps below for DNS Setup;

• Click on the Apple icon on top left menu
• Select System Preferences
• Click on Network
• On DNS Server, type: 208.67.222.222, 208.67.220.220
• Click on Apply. That’s all

DNS Setup is pretty easy, happy browsing!

The post How to do DNS Setup On your Machine first appeared on /var/logs/paulooi.log.]]> https://logs.paulooi.com/how-to-do-dns-setup-on-your-machine.php/feed 0