DNS Archive

DNS Geotargeting – Bind9

We recently had to setup some geo targeting with our domain name servers. We have different datacenters around the world and we wanted to keep our infrastructure as intact as possible, while still serving from nearest datacenter. If you don't use anycast or similar technology, DNS geo targeting might help you forward your clients to correct ip's. The main idea

Open DNS Resolvers in Slovenia | How Slovenian insecure DNS servers (possibly) participated in largest DDOS attack in the history

Foreword Recently we have faced one of largest DDOS attacks in history. The attacks were launched against SPAMHAUS website and about 300Gbit/s was thrown at them. The main reason attackers could reach such enormous traffic is by using open DNS resolvers to amplify the attacks. It’s so called Smurf attack with few modifications made. Smurf is

Internationalized domain names (IDN) and DNS / Bind9 problem

To use domain names with special characters ( παράδειγμα.δοκιμή or مثال.إختبار), you need to transform them into proper format. To accomplish that, we use idn command from libidn package. It should be included in base repository so simple: yum install libidn would suffice. To get real name of domain you need to have UTF-8 terminal