Re: My FC3 machine appears to be compromised, please help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4/6/06, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
> Bob Brennan wrote:
> > I am of course open to suggestions but am at the moment waiting for
> > Demon to correct the hacked entries on their nameservers, if that
> > doesn't work - I'll be back for more help!
>
> This issue is probably only affecting Demon's customers at the moment
> (assuming the same problem has not manifested itself on other providers'
> nameservers).
>
> The main issue for you is that your own server is rewriting addresses
> due to the bogus CNAME records. You can avoid this easily by installing
> a caching nameserver on your own mail server. This will insulate you
> from your ISP's DNS issues and may actually result in improved
> performance for your mail server overall. This could be as simple as:
>
> yum install caching-nameserver
> chkconfig named on
> service named start
>
> Then edit /etc/resolv.conf, remove the existing nameserver entries and
> add a "nameserver 127.0.0.1" entry. Your system should then be doing its
> own DNS lookups and shouldn't see the bogus CNAME records.
>
> You may need to add PEERDNS=no to /etc/sysconfig/network to prevent your
> /etc/resolv.conf getting clobbered by a DHCP client.
>
>  Paul.

I will save this as a possible solution Paul but I am loathe to make
changes like that right now since I have many business customers on
the same server whose domains are not being affected. Unfortunately I
will have to wait on Demon's solution to 3 domain's problems rather
than risk taking down 30 myself.

bob


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux