"sysquery" error

Larry Sheldon lsheldon at creighton.edu
Thu Dec 14 15:58:45 UTC 2000


> On Wed, Dec 13, 2000 at 09:01:52PM -0600, Larry Sheldon wrote:
> > This is the first time (as far as I can remember--certainly the first
> > time I have understood) the harm that might be done.  As I said, I've
> > tried listing them all, listing only the registered ones, and most
> > of the numerically possible combinations in between.
> 
> Suggestion: limit yourself to two at your site that are unlikely to be
> down at the same time.  Have the off-site three treat both as
> "masters".  List all 5 in NS records.  Make sure that the eduNIC has
> the exact same information (the 5).

I thunk that is what I have now.

> > I'm not sure what the "In fact . . . " sentence is saying.  I am of the
> > opinion that every machine that will support a name server along with
> > what ever it does for a living is a happier machine and its neighbors
> > on the network will be happier about it as well (especially for the
> > machines whose work is mostly intra-domain).  Am I wrong there
> > too?  And I'll need some help understanding that as well.
> 
> There are Organisations that require that a name server machine run no
> other network services.  This is to prevent a name server from being
> subverted by the machine being "owned" by a hacker/cracker coming in
> via another service.  While these Organisations are in the business of
> being professionally paranoid, there is some benefit in considering
> this scenario.

We don't have staff enough to do that--the primary doesn't have anything else
running on it to speak of, but all of the rest are machines-with-a-job that
run a nameserver (supposedly) for there own benifit.

> Machines running unlisted name servers to cache lookups for their own
> benefit are another matter.  They may or may not be helpful.  It
> depends on whether the pain of doing a network lookup is slower than
> the slowdown induced by having a memory hog like 'named' co-resident in
> memory.  Often the network lookup can be faster!

That is an interesting observation.  At one time the network was so congested 
that taking any traffic off of it was a Good Thing, but I ought to revisit
to see if I still think that.
--
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
.                                                                       .
- L. F. (Larry) Sheldon, Jr.                                            -
. Unix Systems and Network Administration                               .
- Creighton University Computer Center-Old Gym                          -
. 2500 California Plaza                                                 .
- Omaha, Nebraska, U.S.A.  68178       Two identifying characteristics  -
. lsheldon at creighton.edu                  of System Administrators:     .
- 402 280-2254 (work)                Infallibility, and the ability to  -
. 402 681-4726 (cellular)               learn from their mistakes.      .
- 402 332-4622 (residence)                                              -
. http://www.creighton.edu/~lsheldon    Adapted from Stephen Pinker     .
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-



More information about the bind-users mailing list