Information about DNS and network
I tried reading stuff on DNS servers and DNS encryption but I’m having trouble putting it all together. I am interested in it for privacy reasons. I know people change their default DNS server (which is probably something that your ISP provides) for this reason, but doesn’t something like Google’s DNS server then know what … Read More “[ELI5]What are the benefits of DNS encryption? DNS servers for privacy?” »
I’m implementing the S3 API on Ceph, and was surprised to find that signature validation fails if there are several A records on a domain. Poking s3.amazonaws.com reveals that it resolves to a single different IP address every time (with ridiculously low TTL). This is for a public web service (non-profit), so the DNS server … Read More “Is there an open source DNS server that allows alternating responses for the same resource?” »
You “buy” a domain name Domain registration company creates a record in the root name servers Clients query root servers, and then your servers (assuming root servers have accurate information) DNS servers along the way cache the information, making DNS awesome fast when you do it right submitted by hostbreak [link] [9 comments] Powered by … Read More “Do You Know How DNS Works?” »
I setup a private dns on an Ubuntu 14.04 digitalocean droplet (PowerDNS basically following this guide) to block kid-baiting ads that my kids keep accidentally clicking on when they are playing games on our tablets. I have 3 kids under 5 yrs of age…If you don’t know what I’m talking about…an ad pops up in … Read More “PowerDNS – White list IP's that can query my DNS server?” »
submitted by based2 [link] [1 comment] Powered by WPeMatico
submitted by hostbreak [link] [comment] Powered by WPeMatico
We have been having issues with .tr ccTLDs for the last 2 hours. It is clear that ns{1..5}.nic.tr name servers are being attacked. Right now, they stopped the traffic originating from outside of Turkey. Effectively, the rest of the world won’t be able to resolve .tr domains. The saddest thing is that all those 5 … Read More “Turkey's Root Name Servers Are Not Reachable” »
I want to perform a DNSSEC Signature validation on an opensuse cli, using tools like openssl. I copied the information from DNSKEY, RRSIG and A-Record to local files. What I tried is something like the following: openssl dgst -sha256 -verify pub.key -signature sig.dat record.dat I get error-message “Unable to load keyfile”. I tried different formats … Read More “How to perform DNSSEC steps on CLI ?” »
submitted by based2 [link] [comment] Powered by WPeMatico
submitted by based2 [link] [2 comments] Powered by WPeMatico