Some servers respond with wrong IP address for my domain

Brian Salomaki brian at
Fri Oct 5 19:56:35 UTC 2001

On Friday 05 October 2001 02:05 pm, Will Yardley wrote:
> Nate Campi wrote:
> > Get a good monitoring system like Mon
> > ( that will check that your serials
> > match. That way you don't have to roll your own.
> although the weird thing in this case is that the serials did match; i
> think that one of the machines just had incorrect cache information.

I'd guess that the zonefile was updated without updating the serial, since 
the serial was still 1.

> my guess is that a newer version of bind would be less succeptible to
> this sort of poisoning, no?
> jazz% dig version.bind ch txt +sh
> "8.2.2-P5"
> jazz% dig version.bind ch txt +sh
> "8.2.2-P5"
> in any event unless this is a vendor patched version of bind that's
> completely patched of the various security holes in that version (and in
> fact even if it is), i'd highly recommend upgrading.
> you might also consider restricting axfr from outside your network.
> w

Brian Salomaki
Gambit Design Internet Services
110 E. State St., Suite 18, Kennett Square, PA 19348

More information about the bind-users mailing list