Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x

DNS

25K

Solutions

25K

Contributors

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

5
 
LVL 17

Expert Comment

by:Kyle Santos
A Bug Has No Name
+1 for the Game of Thrones reference.
2
Q2 2017 - Latest Malware & Internet Attacks
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

I absolutely despise dealing with 1&1 Internet.  I've been trying to do a Domain Transfer from one 1&1 Account to another 1&1 Account for over two weeks and it's still in the 'Transferring' process. 1&1 tech support are utterly useless with no control over the actual transfer.  Does anyone else have problems with them?
0
Tech Bomb - Currently GoDaddy DNS shows signs of lunacy. Problem appears to be in their communication of NS records to global DNS root servers. Via - dig $site ns - this shows up as a different list of NS records each time dig is issued, which leads to...

Symptom - site IP (DNS A records) are randomized. Sometimes correct. Sometimes random.

Effect - Ad Networks suspend your accounts. SEO plummets, as GoDaddy flags your site as serving Malware.

It’s unclear whether this is a GoDaddy technical issue or GoDaddy is being hacked somewhere deep in their systems.

*Fix* - Move all your DNS records out of GoDaddy + set your site’s DNS records to point to the outside DNS service.

This has come to light over the past few days when several of my clients have had their Ad Network accounts suspended + or sites flagged in Google Search Console as serving Malware, when sites are clean.

Just another day of tech randomness.
0
 
LVL 18

Expert Comment

by:Alan
Hi David,

Are you seeing issues only where a customer has multiple A records for a given hostname, or any issues where they have only a single IP for a given hostname?

I have not had any problems (that I know of yet!) but I don't have any with multiple IPs.

Thanks,

Alan.
0
Protect DNS: A Conversation With Dave Dufour of Webroot

DNS is one of the basic services on which the web is based and it has proven to be robust and scalable to an astounding degree. Unfortunately, it's also vulnerable to hacking and can be a serious attack vector if left unprotected. Dave Dufour, director of cybersecurity and engineering at Webroot, is an expert on DNS and its implications in network security. Security Now talked with Dufour about the issues with DNS and what organizations should be doing to protect their networks, employees and customers from DNS-based threats.

Read more of the interview on Security Now.
2
A little background, I keep getting errors in google Chrome (NXDOMAIN, DNS Probe errors).  

I keep getting a 8012 Event ID error code 9005 when I flush and then register DNS on WIN 10 machines.  
I have setup a reverse DNS zone and see the PTR records for those very machines fill the list.  

Any help would be greatly appreciated!
0
 
LVL 25

Expert Comment

by:Brian B
You have entered this as a post. To get more Expert to respond, try asking a question instead: https://www.experts-exchange.com/askQuestion.jsp
1
 
LVL 12

Administrative Comment

by:Andrew Leniart
Hi Mrosale6,

What you have done is made a "Post" here.  To get expert help, you need to "Ask a Question" so that more experts are able to see that you need help. Click the Big blue button near the top of your screen.

Ask a Question

The following link also explains more about asking for help at Experts Exchange...
http://support.experts-exchange.com/customer/portal/articles/336330

Hope that's helpful.

Regards,
Andrew
EE Topic Advisor
0
In case you did not see it, below is the apology statement from Marketo regarding their outage yesterday.
Dear Marketo Customers and Partners:

Today, for a number of hours, our main web site, Marketo.com along with a small number of other Marketo domain properties were rendered inaccessible, preventing log in to our application. While the issue is now largely resolved, and I can assure you that the core Marketo application continued to operate in the background and your data was never at risk. I want to sincerely apologize to you and on behalf of the entire Marketo team as we take any disruption to your service very seriously.

I also want to be completely transparent with you on what happened and assure you that it won't happen again.

We renew thousands of domain name properties we own every year with precision, yet the auto renew process for registering our main domain, Marketo.com, failed. This catalyzed a cascading series of issues, but ultimately human and process error are to blame and again, we take full responsibility.

While our global support team in Ireland was working with our DNS registrar in the very early morning hours, members of our customer and partner community helped pinpoint specific issues that aided us significantly. While this does not absolve Marketo of responsibility for this serious situation, I would like to thank the individuals who assisted us. We greatly appreciate your support during a trying time.

For our global customers, please…
3
I am not big in talking about politics, but this blog post does a detailed analysis of some claims researchers made linking Donald Trump's e-mail servers to a russian bank server. I figured maybe some folks here who actually understand how DNS works would find it interesting.
https://weaponizedautism.wordpress.com/2017/04/09/trump-dns-logs-fabricated/
1
 
LVL 17

Expert Comment

by:Kyle Santos
tl;dr the logs look fabricated to damage Trump.  Thanks for sharing this.  It is interesting to see the lengths at which this author is able to explain this information and leave it for us to decide that 'fake news' is prevalent.
0
 
LVL 27

Expert Comment

by:tliotta
I can't see much that definitely indicates fabrication, primarily because there is no identification of exactly how the logs were produced nor what DNS produced them.

So, for BIND8 or 9, while it's true that the client ID should normally include {#portno:}, every address in each of the logs is exactly 12 chars wide and that opens the possibility that the field is simply formatted for that width so that it's truncated on the right. It could also be that it's not a full BINDx implementation or a faulty one, or even not "BIND" but perhaps a Microsoft DNS or something else. If it's BIND, the "+" near the right would indicate a "recursive" query and the subsequent address would be the address of the recursive server. To have that be the same IP address as the e-mail server would seem to make almost perfect sense given the supposed purpose of the setup.

The logs were apparently validated by Paul Vixie. It's hard to think of anyone in the world more qualified than he.

Alfa Bank fairly quickly sent a pretty severe "cease and desist" letter to the researchers, threatening plenty of legal action. It seems to have been nothing but a bluff in hopes of scaring the researchers off. The researchers turned it over to their attorneys who promptly replied with a "put up or shut up" response. The eventual return response from Alfa Bank has been... well, apparently nothing.

I'm not at all convinced that the "blog post" analysis has much merit.

It's definitely plausible that "Tea Leaves" and "April Lorenzen" are one and the same. If true, that raises a flag that the analysis of the DNS logs should be questioned. But it isn't an indication that that analysis is wrong nor even flawed. In the absence of actual evidence, there seems nothing more to add.
0
DNS-Protection-with-ConnectWise.png
It's always exciting around here! We're thrilled to expand our partnership with ConnectWise to offer customers better protection and performance. To get insight into why this matters, we sat down with George Anderson, Webroot’s product marketing director for business solutions, and Gavin Gamber, vice president of Channel Sales and Alliances at ConnectWise.
 
What is DNS Protection? Why is it important? Why do ConnectWise partners need this?  
 
Read more here.
4
For the past few months I've been a Beta tester for a new service called DNS Spy.  It's a service that Monitors, validates and verifies your DNS configurations.  

It might be worth a look if you are looking for something that monitors your External DNS.  Link below:
https://dnsspy.io/
1
Haven't tried it out yet, but this looks cool.

Why DNSCrypt is so significant
In the same way the SSL turns HTTP web traffic into HTTPS encrypted Web traffic, DNSCrypt turns regular DNS traffic into encrypted DNS traffic that is secure from eavesdropping and man-in-the-middle attacks.  It doesn’t require any changes to domain names or how they work, it simply provides a method for securely encrypting communication between our customers and our DNS servers in our data centers.  

https://www.opendns.com/about/innovations/dnscrypt/
2

DNS

25K

Solutions

25K

Contributors

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.