Accuracy of DNSStuff reports
Barry Margolin
barmar at alum.mit.edu
Tue Nov 28 17:39:13 UTC 2006
In article <ekgq85$2dbm$1 at sf1.isc.org>, Res <res at ausics.net> wrote:
> On Mon, 27 Nov 2006, Barry Margolin wrote:
>
> > My personal bugaboo with DNSReport is the red FAIL it reports for open
> > recursive servers. While it's certainly a bad idea for authoritative
>
> Actually I think it;s good idea, it alerts the admin who set it up they
> are open to exploitation and abuse.
So make it a warning.
The problem is that it confuses OTHER people who are trying to
troubleshoot problems accessing the domain. They see the big red FAIL
and think that it's due to the DNS misconfiguration.
>
> The suggested alternative zonecheck amuses me, why does it ping a DNS
> server? what the hell has that got to do with a DNS Server serving
> requests, it also fails on testing my domain claiming one of my DNS
> servers is not responding, however I know it is using host from the same
> machine, all sorts of tests will have pros and cons. DNSReport has always
> served well.
I also like DNSReport in general.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list