#domainnamesystem — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #domainnamesystem, aggregated by home.social.
-
#DNS-Probleme: .de-Domains nicht erreichbar | heise online https://www.heise.de/news/DNS-Probleme-de-Domains-nicht-erreichbar-11283192.html #denic #DomainNameSystem
-
Missing from @drscriptt 's list are AAAA, HTTPS, and SVCB records.
AAAA has plenty of obvious choices.
You'll know the . convention for SRV, SVCB, and MX resource record sets, of course.
I shall just drop in my personal experience from earlier this year that an accidentally supplied HTTPS resource record can *definitely* break WWW traffic; because browsers in practice do not obey RFC9460 §2.4.2.
#djbdns
#DomainNameSystem
#SplitHorizon
#ReservedSuperDomains #DNS #HTTPS #SVCB -
Missing from @drscriptt 's list are AAAA, HTTPS, and SVCB records.
AAAA has plenty of obvious choices.
You'll know the . convention for SRV, SVCB, and MX resource record sets, of course.
I shall just drop in my personal experience from earlier this year that an accidentally supplied HTTPS resource record can *definitely* break WWW traffic; because browsers in practice do not obey RFC9460 §2.4.2.
#djbdns
#DomainNameSystem
#SplitHorizon
#ReservedSuperDomains #DNS #HTTPS #SVCB -
Missing from @drscriptt 's list are AAAA, HTTPS, and SVCB records.
AAAA has plenty of obvious choices.
You'll know the . convention for SRV, SVCB, and MX resource record sets, of course.
I shall just drop in my personal experience from earlier this year that an accidentally supplied HTTPS resource record can *definitely* break WWW traffic; because browsers in practice do not obey RFC9460 §2.4.2.
#djbdns
#DomainNameSystem
#SplitHorizon
#ReservedSuperDomains #DNS #HTTPS #SVCB -
Missing from @drscriptt 's list are AAAA, HTTPS, and SVCB records.
AAAA has plenty of obvious choices.
You'll know the . convention for SRV, SVCB, and MX resource record sets, of course.
I shall just drop in my personal experience from earlier this year that an accidentally supplied HTTPS resource record can *definitely* break WWW traffic; because browsers in practice do not obey RFC9460 §2.4.2.
#djbdns
#DomainNameSystem
#SplitHorizon
#ReservedSuperDomains #DNS #HTTPS #SVCB -
There are actually quite a few, nowadays. See RFCs 6762, 7686, and 8375.
example. is not the worst choice, although you could have gone with test. or internal. or intranet. .
Given your objective, any of the further ones that imply a residence or a corporation seem less well suited.
Although home.arpa.'s public delegation to the blackhole-{1,2}.iana.org. names is re-used.
https://github.com/jdebp/nosh/blob/trunk/source/examples/tinydns/split-horizon#L96
#djbdns #DomainNameSystem #SplitHorizon #ReservedSuperDomains #DNS
-
Kommentar zum #AWS-Fail: Hinter dem Sündenbock #DNS steht Hyperscaler-Inkompetenz | iX Magazin https://www.heise.de/meinung/Kommentar-zum-AWS-Ausfall-It-s-always-DNS-unless-it-isn-t-11077553.html #DomainNameSystem #Amazon #AmazonWebServices
-
Signal down: Messenger-App weltweit ausgefallen | heise online https://www.heise.de/news/Messenger-App-Signal-offenbar-weltweit-mit-Stoerungen-10778899.html #AWS #Amazon #AmazonWebServices #DNS #DomainNameSystem
-
Hier sieht man, wie viele Dienste #AWS nutzen ...
#AmazonWebServices: Globale Störung am Montagmorgen | heise online https://www.heise.de/news/Amazon-Web-Services-Globale-Stoerung-10778963.html #DNS #DomainNameSystem #Amazon
-
Thank you. But it actually tells me less than I already knew from cranking up developer tools and the server logs, and using direct observation. Which is, as I said, that the browsers continued to communicate with the origin domain's IP addresses, and did not switch to the target domain's.
#HTTPS alias-mode resource records that nominally upgrade from HTTP to HTTPS actually instead locked the browsers on a Windows machine out of my own WWW site for half a day.
-
Today's top tip:
Don't use HTTPS resource records.
I set some alias-mode ones up pointing from one domain to another domain. WWW browsers were supposed, per RFC9460 §2.4.2, to talk to the target domain.
All of my WWW browsers that picked up the records continued to send their requests to the IP address for *original* domain, and simply acted as if HSTS was turned on for that domain.
The example scenario in RFC9460 does not actually do what is stated in practice.
-
There are a much smaller number of people doing SVCB lookups, too. But, interestingly, they are doing them wrongly.
And with a direct correlation to some other abuses.
Which does make me think that, in an ironic twist, it is the bad actors running robot vulnerability probes and scrapers that are the early adopters of SVCB, here.
-
There are a much smaller number of people doing SVCB lookups, too. But, interestingly, they are doing them wrongly.
And with a direct correlation to some other abuses.
Which does make me think that, in an ironic twist, it is the bad actors running robot vulnerability probes and scrapers that are the early adopters of SVCB, here.
-
There are a much smaller number of people doing SVCB lookups, too. But, interestingly, they are doing them wrongly.
And with a direct correlation to some other abuses.
Which does make me think that, in an ironic twist, it is the bad actors running robot vulnerability probes and scrapers that are the early adopters of SVCB, here.
-
This does make you the second person in the world (if you picked up the source after I put it in yesterday) who can run
dnsqr https google.com
or even
dnsqr https jdebp.info
I didn't think that people were using this, it only having been accepted in November 2023, but I discovered a few lookups in my logs.
-
Looking up www.bing.com. nowadays involves dnscache looking up intermediate domain names in org., com., net., and info.; the cross-dependencies of which regularly exceed dnscache's nested gluelessness limit above which it switches to a slower resolution algorithm.
Some quick tests indicate that raising this limit from 2 to 3 improves matters.
So this will be in #djbwares 11.
-
Hackers exploit a blind spot by hiding malware inside DNS records - Hackers are stashing malware in a place that’s largely out o... - https://arstechnica.com/security/2025/07/hackers-exploit-a-blind-spot-by-hiding-malware-inside-dns-records/ #domainnamesystem #security #malware #biz #dns
-
I should probably mention this flaw on the #nslookup flaws page. The BIND DNS client library doesn't continue on to the next server if it receives a response without the "RA" flag; but nslookup does.
A flaw going back to at least 2009, from a quick look at the people asking questions about it, but introduced since I last touched that page in 2004; as I believe I included all of the known major gotchas of the time. (-:
-
If it's (intentionally) not providing proxy DNS service (which is what "recursion not available" translates to), then you had best just take it out of resolv.conf completely. That's not the sort of DNS server that belongs in resolv.conf.
The resource record set type is actually immaterial here. The C library expects complete answers from things in /etc/resolv.conf, not partial answers, which is what it will be getting from that DNS server.
-
Hello everyone.
In today's article, we will examine in detail what is dns and how it works.
I wish everyone a good reading:
https://denizhalil.com/2023/07/04/what-is-dns-an-overview-of-the-domain-name-system/#dns #domainnamesystem #networksecurity #dnssecurity #dnsrecords #dnsconfiguration
-
Hello everyone.
In today's article, we will examine in detail what is dns and how it works.
I wish everyone a good reading:
https://denizhalil.com/2023/07/04/what-is-dns-an-overview-of-the-domain-name-system/#dns #domainnamesystem #networksecurity #dnssecurity #dnsrecords #dnsconfiguration
-
Safcomms Limited DNS now comes with secure masking. We help mask your IP Address by providing you with ours to hide yourself without using a VPN. To purchase our DNS Service, contact me right away. Evidence as shown in the picture from the WiFi Analyzer Software.
#DNS #DomainName #DomainNameSystem #InternetService #Internet #InternetServiceProvider #Networking #ComputerNetworking #ComputerNetwork #Network #Cybersecurity #CyberSec #InformationSecurity #InfoSec #Masking #HidingYourIP #HideYourIP #NoVPN #NoIP #IPSec
-
Safcomms Limited DNS now comes with secure masking. We help mask your IP Address by providing you with ours to hide yourself without using a VPN. To purchase our DNS Service, contact me right away. Evidence as shown in the picture from the WiFi Analyzer Software.
#DNS #DomainName #DomainNameSystem #InternetService #Internet #InternetServiceProvider #Networking #ComputerNetworking #ComputerNetwork #Network #Cybersecurity #CyberSec #InformationSecurity #InfoSec #Masking #HidingYourIP #HideYourIP #NoVPN #NoIP #IPSec
-
Safcomms Limited DNS now comes with secure masking. We help mask your IP Address by providing you with ours to hide yourself without using a VPN. To purchase our DNS Service, contact me right away. Evidence as shown in the picture from the WiFi Analyzer Software.
#DNS #DomainName #DomainNameSystem #InternetService #Internet #InternetServiceProvider #Networking #ComputerNetworking #ComputerNetwork #Network #Cybersecurity #CyberSec #InformationSecurity #InfoSec #Masking #HidingYourIP #HideYourIP #NoVPN #NoIP #IPSec
-
Hacked ISP infects users receiving unsecure software updates - Enlarge (credit: Marco Verch Professional Photographer and Speaker)
... - https://arstechnica.com/?p=2041175 #domainnamesystem #dnspoisoning #infections #security #malware #biz&it
-
DNS glitch that threatened Internet stability fixed; cause remains unclear - Enlarge
For more than four days, a server at the very core of... - https://arstechnica.com/?p=2026566 #domainnamesystem #rootservers #security #biz #dnssec #dns
-
DNS glitch that threatened Internet stability fixed; cause remains unclear - Enlarge
For more than four days, a server at the very core of... - https://arstechnica.com/?p=2026566 #domainnamesystem #rootservers #security #biz #dnssec #dns
-
DNS glitch that threatened Internet stability fixed; cause remains unclear - Enlarge
For more than four days, a server at the very core of... - https://arstechnica.com/?p=2026566 #domainnamesystem #rootservers #security #biz #dnssec #dns
-
DNS glitch that threatened Internet stability fixed; cause remains unclear - Enlarge
For more than four days, a server at the very core of... - https://arstechnica.com/?p=2026566 #domainnamesystem #rootservers #security #biz #dnssec #dns
-
DNS glitch that threatened Internet stability fixed; cause remains unclear - Enlarge
For more than four days, a server at the very core of... - https://arstechnica.com/?p=2026566 #domainnamesystem #rootservers #security #biz #dnssec #dns
-
Microsoft plans to lock down Windows DNS like never before. Here’s how. - Enlarge (credit: Getty Images)
Translating human-readable doma... - https://arstechnica.com/?p=2021987 #domainnamesystem #microsoft #security #windows #biz #ztdns
-
Doing DNS and DHCP for your LAN the old way—the way that works - Enlarge / All shall tremble before your fully functional forward and re... - https://arstechnica.com/?p=2001156 #domainnamesystem #weekendprojects #itprojects #features #projects #feature #homelab #biz #bind9 #dhcpd #bind #dns
-
Doing DNS and DHCP for your LAN the old way—the way that works - Enlarge / All shall tremble before your fully functional forward and re... - https://arstechnica.com/?p=2001156 #domainnamesystem #weekendprojects #itprojects #features #projects #feature #homelab #biz #bind9 #dhcpd #bind #dns
-
Doing DNS and DHCP for your LAN the old way—the way that works - Enlarge / All shall tremble before your fully functional forward and re... - https://arstechnica.com/?p=2001156 #domainnamesystem #weekendprojects #itprojects #features #projects #feature #homelab #biz #bind9 #dhcpd #bind #dns
-
Doing DNS and DHCP for your LAN the old way—the way that works - Enlarge / All shall tremble before your fully functional forward and re... - https://arstechnica.com/?p=2001156 #domainnamesystem #weekendprojects #itprojects #features #projects #feature #homelab #biz #bind9 #dhcpd #bind #dns
-
Doing DNS and DHCP for your LAN the old way—the way that works - Enlarge / All shall tremble before your fully functional forward and re... - https://arstechnica.com/?p=2001156 #domainnamesystem #weekendprojects #itprojects #features #projects #feature #homelab #biz #bind9 #dhcpd #bind #dns
-
Frax Finance Says its Domain Name Has Been Hijacked - Frax founder Sam Kazemian says his team has been "left in the dark" by the domain registr... - https://www.coindesk.com/markets/2023/11/01/frax-finance-says-its-domain-name-has-been-hijacked/?utm_medium=referral&utm_source=rss&utm_campaign=headlines #domainnamesystem #fraxfinance #samkazemian #domainnames #markets #news #hack
-
Hidden in the mostly-forgotten 2010 Digital Economy Act were powers to regulate the UK's domain name system. On July 20, 2023, DCIT published a consultation - which closes August 31 - on implementing these: https://www.gov.uk/government/news/new-consultation-on-uk-related-domain-names-powers #UKInternet #DomainNameSystem #Nominet
-
Hidden in the mostly-forgotten 2010 Digital Economy Act were powers to regulate the UK's domain name system. On July 20, 2023, DCIT published a consultation - which closes August 31 - on implementing these: https://www.gov.uk/government/news/new-consultation-on-uk-related-domain-names-powers #UKInternet #DomainNameSystem #Nominet
-
Hidden in the mostly-forgotten 2010 Digital Economy Act were powers to regulate the UK's domain name system. On July 20, 2023, DCIT published a consultation - which closes August 31 - on implementing these: https://www.gov.uk/government/news/new-consultation-on-uk-related-domain-names-powers #UKInternet #DomainNameSystem #Nominet
-
Hidden in the mostly-forgotten 2010 Digital Economy Act were powers to regulate the UK's domain name system. On July 20, 2023, DCIT published a consultation - which closes August 31 - on implementing these: https://www.gov.uk/government/news/new-consultation-on-uk-related-domain-names-powers #UKInternet #DomainNameSystem #Nominet
-
Hidden in the mostly-forgotten 2010 Digital Economy Act were powers to regulate the UK's domain name system. On July 20, 2023, DCIT published a consultation - which closes August 31 - on implementing these: https://www.gov.uk/government/news/new-consultation-on-uk-related-domain-names-powers #UKInternet #DomainNameSystem #Nominet
-
Attackers find new ways to deliver DDoSes with “alarming” sophistication - Enlarge (credit: Aurich Lawson / Getty)
The protracted arms ra... - https://arstechnica.com/?p=1955118 #distributeddenialofserviceattack #domainnamesystem #security #biz #ddos #dns
-
#IMEI_Nummer
#IMSI_Nummer
#Werbe_IDs
#AppTrackingTransparenz (ATT)
#SoftwareDevelopmentKit (SDK)
#DomainNameSystem (DNS) #FilterApp-Tracking: Mein Handy hört doch mit oder nicht?
von der Juristin Anqi Chenhttps://www.dr-datenschutz.de/app-tracking-mein-handy-hoert-doch-mit-oder-nicht/
-
#IMEI_Nummer
#IMSI_Nummer
#Werbe_IDs
#AppTrackingTransparenz (ATT)
#SoftwareDevelopmentKit (SDK)
#DomainNameSystem (DNS) #FilterApp-Tracking: Mein Handy hört doch mit oder nicht?
von der Juristin Anqi Chenhttps://www.dr-datenschutz.de/app-tracking-mein-handy-hoert-doch-mit-oder-nicht/
-
#IMEI_Nummer
#IMSI_Nummer
#Werbe_IDs
#AppTrackingTransparenz (ATT)
#SoftwareDevelopmentKit (SDK)
#DomainNameSystem (DNS) #FilterApp-Tracking: Mein Handy hört doch mit oder nicht?
von der Juristin Anqi Chenhttps://www.dr-datenschutz.de/app-tracking-mein-handy-hoert-doch-mit-oder-nicht/
-
Ethereum Name Service to Work With MoonPay to Build Fiat On-Ramp - The partnership will create the ability for people to purchase .eth domain names with fia... - https://www.coindesk.com/web3/2023/04/20/ethereum-name-service-to-work-with-moonpay-to-build-fiat-on-ramp/?utm_medium=referral&utm_source=rss&utm_campaign=headlines #ethereumnameservice #domainnamesystem #moonpay #domains #web3 #news #ens
-
Cool just found out @zeek is on Mastodon too! One of my favorite #NetworkTools #DomainNameSystem #Parsing #HTTPS
Give it a feed of network packets, and you get valuable data from the default configuration, which contain more than 10.000 lines of scripting code, which you can expand. Output in column format text or JSON
Very efficient and soooo much NOT like messing about in C structs trying to parse something network related :-D
Now I just need Suricata here! https://suricata.io/
-
📬 Domain-Registrierung: EU-Richtlinie killt Anonymität
#Datenschutz #Rechtssachen #Ausweispflicht #denic #DomainNameSystem #NIS2Richtlinie #PatrickBreyer #TomJenissen #Whistleblower https://tarnkappe.info/artikel/rechtssachen/domain-registrierung-eu-richtlinie-killt-anonymitaet-259094.html