我被告知有关以下查询的安全问题: dig。 NS @yournameserver 我找不到它是否会影响我的powerdns版本2.9.22-3以及如何防止对该查询作出响应。powerdns响应查询挖掘。 NS @yournameserver
我的DNS服务器上面的查询响应:
; <<>> DiG 9.7.3-P3 <<>> . NS @XX.XX.XX.XX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49208
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 3600 IN NS A.ROOT-SERVERS.NET.
. 3600 IN NS B.ROOT-SERVERS.NET.
. 3600 IN NS F.ROOT-SERVERS.NET.
. 3600 IN NS G.ROOT-SERVERS.NET.
. 3600 IN NS E.ROOT-SERVERS.NET.
. 3600 IN NS C.ROOT-SERVERS.NET.
. 3600 IN NS D.ROOT-SERVERS.NET.
. 3600 IN NS J.ROOT-SERVERS.NET.
. 3600 IN NS K.ROOT-SERVERS.NET.
. 3600 IN NS L.ROOT-SERVERS.NET.
. 3600 IN NS I.ROOT-SERVERS.NET.
. 3600 IN NS H.ROOT-SERVERS.NET.
. 3600 IN NS M.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
H.ROOT-SERVERS.NET. 3600 IN A 128.63.2.53
B.ROOT-SERVERS.NET. 3600 IN A 128.9.0.107
A.ROOT-SERVERS.NET. 3600 IN A 198.41.0.4
K.ROOT-SERVERS.NET. 3600 IN A 193.0.14.129
G.ROOT-SERVERS.NET. 3600 IN A 192.112.36.4
F.ROOT-SERVERS.NET. 3600 IN A 192.5.5.241
D.ROOT-SERVERS.NET. 3600 IN A 128.8.10.90
J.ROOT-SERVERS.NET. 3600 IN A 198.41.0.10
I.ROOT-SERVERS.NET. 3600 IN A 192.36.148.17
L.ROOT-SERVERS.NET. 3600 IN A 198.32.64.12
C.ROOT-SERVERS.NET. 3600 IN A 192.33.4.12
E.ROOT-SERVERS.NET. 3600 IN A 192.203.230.10
M.ROOT-SERVERS.NET. 3600 IN A 202.12.27.33
;; Query time: 62 msec
;; SERVER: XX.XX.XX.XX#53(XX.XX.XX.XX)
;; WHEN: Wed Nov 23 12:58:44 2011
;; MSG SIZE rcvd: 449
我已将send-root-referral no/lean添加到pdns.conf,然后使用此工具http://isc.sans.edu/dnstest.html进行了测试。仍然显示我“不好,你的名字服务器对查询做出了回应” – bastardz
当你将它设置为= no时,它显示的是什么输出? – Habbie
与上述相同的输出 – bastardz