Re: My FC3 machine appears to be compromised, please help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2006-04-06 at 14:26, Bob Brennan wrote:
> >
> > yum install caching-nameserver
> > chkconfig named on
> > service named start
> >
> > Then edit /etc/resolv.conf, remove the existing nameserver entries and
> > add a "nameserver 127.0.0.1" entry. Your system should then be doing its
> > own DNS lookups and shouldn't see the bogus CNAME records.
> >
> > You may need to add PEERDNS=no to /etc/sysconfig/network to prevent your
> > /etc/resolv.conf getting clobbered by a DHCP client.
> >
> >  Paul.
> 
> I will save this as a possible solution Paul but I am loathe to make
> changes like that right now since I have many business customers on
> the same server whose domains are not being affected. Unfortunately I
> will have to wait on Demon's solution to 3 domain's problems rather
> than risk taking down 30 myself.

If you aren't running a nameserver now, this is a fairly safe
step.  Your own lookups depend on the contents of /etc/resolv.conf
regardless of the presence of the nameserver on the same
machine.  You should be able to install caching-nameserver,
test it out with 'dig @localhost' then modify /etc/resolv.conf
to use 'nameserver 127.0.0.1' instead of whatever you are
using now.  If you see any problems, just put the old
resolv.conf back. 

-- 
  Les Mikesell
   lesmikesell@xxxxxxxxx



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux