Setup Caching-Only DNS Server Using "Bind" in CentOS 6.5

There are several types of DNS servers, such as master, slave, forwarding and cache; among them, the caching-only DNS server is the easiest to set up. DNS uses the UDP protocol, which reduces query time because UDP does not have an acknowledgement.

[Figure: Setup Caching-Only DNS in CentOS]

Read Also: Setup Master-Slave DNS Server in CentOS 6.5.

The caching-only DNS server is also known as a resolver.

Network Footprinting (Reconnaissance) The tester would attempt to gather as much information as possible about the selected network. Reconnaissance can take two forms.

A caching-only server queries DNS records, gets the DNS information from other servers, and stores each query request in its cache for later use. When the same request is made a second time, it is served from the cache, which reduces query time.

If you’re looking to set up a DNS caching-only server in CentOS/RHEL 7, follow this guide: Setting Up Caching-Only DNS Name Server in CentOS/RHEL 7.

My Testing Environment

IP Address : 1. 92.
Host-name : dns.
OS : CentOS 6.5 Final
Ports Used : 5. 3.
Config File : /etc/named.

Step 1: Installing Caching-Only DNS

1. The caching-only DNS server can be installed using the package ‘bind’. If we don’t remember the full package name, let’s do a small search for it using the command below.

    # yum search bind

[Figure: Search Bind Package]

The result above shows the available packages. From these we need the ‘bind’ and ‘bind-utils’ packages; install them using the following ‘yum’ command.

    # yum install bind bind-utils -y

[Figure: Install DNS Utils]

Step 2: Configure Caching-Only DNS

3. Once the DNS packages are installed, move on to configuring DNS. Open and edit ‘named. Next, make changes as suggested below, or use your own settings as per your requirements. The following are the changes we need to make for a caching-only DNS server. Here, localhost will be there by default; we need to add ‘any’ to accept queries from any range of network.

[Figure: Configure Caching Only DNS]

listen-on port 5. This says that the cache server wants to use the port 5. This specifies which IP address may query the server; here I have defined it for localhost, from anywhere anyone can send a query. This will add the query request to the bind. This will query the answer and give it back to us; during the query it may send queries to other DNS servers over the internet and pull back the result.

After editing the file, we have to confirm whether the ‘named. DNS runs under a system user named.

    # ls -l /etc/named.

If the server has SELinux enabled, after editing ‘named. Z /etc/named. conf. Z /etc/named. rfc.

Now we need to test the DNS configuration for syntax errors before starting the bind service; if any error is found, it can also be traced from /var/messages.

    # named-checkconf /etc/named.
Once the syntax check result looks fine, restart the service for the changes above to take effect, make the service persistent across reboots, and confirm the same.

    # /etc/init.

[Figure: Configure and Start DNS]

7. Next, open the port 5.

    I INPUT -p udp --dport 5. ACCEPT.

[Figure: Iptables Open DNS Port]

Step 4: Chroot Caching-Only DNS

8. If you want to run the DNS caching server under a chroot environment, you only need to install the chroot package; no further configuration is needed, as it is hard-linked to the chroot by default.

    # yum install bind-chroot -y

Once the chroot package has been installed, restart the named service to pick up the new changes.

    # /etc/init.

Once you restart the named service, it automatically creates a hard-link from the /etc/named config files to the /var/named/chroot/etc/ directory. To confirm, just use the cat command under /var/named/chroot.

    # sudo cat /var/named/chroot/etc/named.

[Figure: Chroot Caching Only DNS]

In the above configuration, you will see the same /etc/named.

Step 5: Client Side DNS Setup

Add the DNS caching server's IP 1. In Debian-based machines it will be under /etc/resolv. RPM-based machines it will be under the setup command, or we can edit it manually under /etc/sysconfig/network-scripts/ifcfg-eth.

Finally, it’s time to check our cache server using some tools. We can test using the dig and nslookup commands on Linux systems, and on Windows you can use the nslookup command. Let’s query ‘facebook.

[Figure: Check DNS using Dig]

Now issue the same query again; you will get the reply from our cache server until it expires.

    # dig facebook.

[Figure: Check DNS Cache]

Use the ‘nslookup’ command to confirm the same.

    # nslookup facebook.

[Figure: Check DNS Query Cache]

To read more about dig and nslookup command examples and usage, use the following links.

Here we have seen how we have successfully set up a DNS caching-only server using the bind package and also secured it using the chroot package.

Penetration Testing Framework 0.

AUDLVL System auditing : System auditing events logged and may be audited.
OBJAUD Object auditing : Object auditing activity defined logged and may be audited
*AUTFAIL Authorized failure: All access failure, Incorrect Password or User ID logged and may be audited
*PGMFAIL System integrity violation : Blocked instructions, Validation failure, Domain violation logged and may be audited
*JOBDTA Job tasks : Job start and stop data (disconnect, prestart) logged and may be audited
*NETCMN Communication & Networking tasks : Action that occur for APPN filtering support logged and may be audited
*SAVRST Object restore: Restore (PGM, JOBD, Authority, CMD, System State) logged and may be audited
*SECURITY Security tasks: All security related functions (CRT/CHG/DLT/RST) logged and may be audited
*SERVICE Services HW/SW: Actions for performing HW or SW services logged and may be audited
*SYSMGT System management: Registration, Network, DRDA, Sys. Replay, Operational not logged and cannot be audited
*CREATE Object creation: Newly created objects, Replace existing objects logged and may be audited
*DELETE Object deletion: All deletion of external objects logged and may be audited
*OFCSRV Office tasks: Office tasks (system distribution directory, Mail) logged and may be audited
*OPTICAL Optical tasks: Optical tasks (add/remove optical cartridge, Autho) logged and may be audited
*PGMADP Program authority adoption: Program adopted authority, gain access to an object logged and may be audited
*OBJMGT Object management: Object management logged and may be audited
*SPLFDTA Spool management: Spool management logged and may be audited.