[Pdns-users] Recursion allowed for all in test from intodns

Miguel Miranda miguel.mirandag at gmail.com
Fri Apr 19 15:27:36 UTC 2013


Hello guys, I have two identical servers; the only difference between
them is their IP address. For some strange reason, when I test my auth
domains at www.intodns.com it tells me one of them allows anonymous
recursive queries. I have double-checked the config and nothing is wrong. I
have pdns-recursor running on localhost and an access list configured in
pdns. This is the pdns.conf file:

setuid=pdns
setgid=pdns
allow-recursion=127.0.0.0/8 \
a.b.c.d \
e.f.g.h \
j.k.l.m
cache-ttl=300
daemon=yes
disable-tcp=yes
distributor-threads=25
guardian=yes
launch=gmysql
gmysql-host=127.0.0.1
gmysql-dbname=powerdns
gmysql-user=pdns
gmysql-password=J4s0n2013
lazy-recursion=yes
local-address=200.12.232.4
local-port=53
log-dns-details=no
log-dns-queries=no
log-failed-updates=no
max-cache-entries=2000000
negquery-cache-ttl=0
query-cache-ttl=300
query-logging=no
receiver-threads=25
recursive-cache-ttl=300
recursor=127.0.0.1
webserver=yes
webserver-address=w.x.y.z


And this is the recursor.conf file:

setuid=pdns-recursor
setgid=pdns-recursor
daemon=yes
dont-query=127.0.0.0/8
local-address=127.0.0.1
local-port=53
log-common-errors=no
max-cache-entries=2000000
max-negative-ttl=0
max-packetcache-entries=2000000
packetcache-servfail-ttl=0
quiet=yes
threads=15


Please give me some advice so I don't get blacklisted for having a
vulnerable DNS recursor.
Regards
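
An added example, not part of the original post or of PowerDNS: a small Python check of the kind an external recursion test performs, which sends a query with the RD bit set and reads the RA flag, RCODE and answer count from the reply header. The function names, the query id and the sample responses are assumptions constructed for this example.

```python
import socket
import struct

QID = 0x1234  # arbitrary query id used by this example

def build_query(name, qid=QID):
    """A/IN query with RD (recursion desired) set, as a recursion test sends."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)

def classify(response, qid=QID):
    """Decide from the DNS header whether the server recursed for us."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    ra, rcode = bool(flags & 0x0080), flags & 0x000F
    if rcode == 5:
        return "refused"
    if ra and rcode == 0 and ancount > 0:
        return "open-recursion"
    return "ra-advertised" if ra else "no-recursion"

def probe(server, name, timeout=3.0):
    """Send the query over UDP (the posted pdns.conf has disable-tcp=yes)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            return classify(s.recvfrom(4096)[0])
        except socket.timeout:
            return "timeout"

def sample_response(flags, ancount):
    """Constructed response bytes for offline use (not captured traffic)."""
    q = build_query("example.com")
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
    return struct.pack("!HHHHHH", QID, flags, 1, ancount, 0, 0) + q[12:] + answer * ancount

if __name__ == "__main__":
    for label, flags, an in [("open", 0x8180, 1), ("refused", 0x8105, 0), ("auth-only", 0x8100, 0)]:
        print(label, "->", classify(sample_response(flags, an)))
```

To compare two servers you operate, call probe() against each one from a host that is not in allow-recursion, using a name outside the zones they serve.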