FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 07-10-2008, 09:32 PM
"Lanny Marcus"
 
Default OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

On 7/10/08, Scott Silva <ssilva@sgvwater.com> wrote:
<snip>
> Try dig +trace emcali.net
> It should show all servers "your" query goes through.

Scott: Please note that I added ".co" (for Colombia) emcali.net.co
Is this showing which DNS Servers my DNS requests use, or, which DNS
Servers serve their web site? Also note that when I tried "dig
+trace" or "dig trace" I got very abbreviated answers. Probably I
don't have the syntax correct. Question: Is there another command I
can use, to another web site (irs.gov or something) that shows which
DNS Servers I am using, to get to that web site? My wife is
complaining, again, as I write this, so getting our own Caching DNS
Server, ASAP, has become a priority. When Colombian women are mad...
:-) TIA, Lanny

P.S.
The first time I tried to send this email, I ended up at opendns.com
instead of getting a response from Gmail.

[lanny@dell2400 ~]$ dig emcali.net.co

; <<>> DiG 9.3.4-P1 <<>> emcali.net.co
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24430
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;emcali.net.co. IN A

;; ANSWER SECTION:
emcali.net.co. 10800 IN A 200.29.96.38

;; AUTHORITY SECTION:
emcali.net.co. 10800 IN NS dns1.emcali.net.co.
emcali.net.co. 10800 IN NS dns2.emcali.net.co.
emcali.net.co. 10800 IN NS dns3.emcali.net.co.

;; ADDITIONAL SECTION:
dns1.emcali.net.co. 10800 IN A 200.29.96.22
dns2.emcali.net.co. 10800 IN A 200.29.96.27
dns3.emcali.net.co. 10800 IN A 200.29.104.22

;; Query time: 314 msec
;; SERVER: 192.168.10.1#53(192.168.10.1)
;; WHEN: Thu Jul 10 16:12:53 2008
;; MSG SIZE rcvd: 152

[lanny@dell2400 ~]$

[lanny@dell2400 ~]$ dig trace emcali.net.co
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30304
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;trace. IN A

;; Query time: 2 msec
;; SERVER: 192.168.10.1#53(192.168.10.1)
;; WHEN: Thu Jul 10 16:20:28 2008
;; MSG SIZE rcvd: 23


; <<>> DiG 9.3.4-P1 <<>> trace emcali.net.co
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24706
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;emcali.net.co. IN A

;; ANSWER SECTION:
emcali.net.co. 10346 IN A 200.29.96.38

;; Query time: 1 msec
;; SERVER: 192.168.10.1#53(192.168.10.1)
;; WHEN: Thu Jul 10 16:20:28 2008
;; MSG SIZE rcvd: 47

[lanny@dell2400 ~]$


[lanny@dell2400 ~]$ dig +trace emcali.net.co

; <<>> DiG 9.3.4-P1 <<>> +trace emcali.net.co
;; global options: printcmd
. 0 IN A 192.168.1.1
;; Received 33 bytes from 192.168.10.1#53(192.168.10.1) in 3 ms

[lanny@dell2400 ~]$
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-10-2008, 09:50 PM
"Lanny Marcus"
 
Default OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

On 7/10/08, Scott Silva <ssilva@sgvwater.com> wrote:
<snip>
> Bind as a caching nameserver is dead easy to install.
> Just run "yum install caching-nameserver" and it will pull everything in.
> Then "chkconfig named on & service named start"

Scott: Thanks! I just began a text file: "Caching DNS Server" and
copied the above into it. Questions: (a) Is caching-nameserver
completely standalone or do I need anything else with it? (Sound like
yum will install everything it needs) (b) How to configure it? (c)
Easier for me to get that configured properly than dnscache from
djbdns? (d) If I do a minimal CentOS 3.x or 4.x install, would I do
the Routing & Masquerading with IPTables or something else? If I can
get this to work, on a CentOS box, that would be great. Lots of
questions! Your time and help is much appreciated! Lanny
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-10-2008, 10:02 PM
Bill Campbell
 
Default OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

On Thu, Jul 10, 2008, Lanny Marcus wrote:
>On 7/10/08, Scott Silva <ssilva@sgvwater.com> wrote:
><snip>
>> Bind as a caching nameserver is dead easy to install.
>> Just run "yum install caching-nameserver" and it will pull everything in.
>> Then "chkconfig named on & service named start"
>
>Scott: Thanks! I just began a text file: "Caching DNS Server" and
>copied the above into it. Questions: (a) Is caching-nameserver
>completely standalone or do I need anything else with it? (Sound like
>yum will install everything it needs) (b) How to configure it? (c)
>Easier for me to get that configured properly than dnscache from
>djbdns? (d) If I do a minimal CentOS 3.x or 4.x install, would I do
>the Routing & Masquerading with IPTables or something else? If I can
>get this to work, on a CentOS box, that would be great. Lots of
>questions! Your time and help is much appreciated! Lanny

If you configure BIND so it only listens on 127.0.0.1, it should
be fairly secure.

Bill
--
INTERNET: bill@celestial.com Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
Voice: (206) 236-1676 Mercer Island, WA 98040-0820
Fax: (206) 232-9186

Never blame a legislative body for not doing something. When they do
nothing, that don't hurt anybody. When they do something is when they
become dangerous. -- Will Rogers
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-11-2008, 12:31 AM
"Lanny Marcus"
 
Default OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

On 7/10/08, Scott Silva <ssilva@sgvwater.com> wrote:
<snip>
> When you set up your connection to your provider, do you have a static
> address
> or dynamic?

We get a dynamic IP address when we connect to ADSL.

>If static, you had to set your next step resolver in the config.
> If you are dynamic, you get what your provider sends with the dhcp request.
> Since you said you have an ipcop box for your router you should be able to
> ssh
> into it and run setup and change your nameserver setting to 127.0.0.1 and
> your
> ipcop should be a caching nameserver. If you have another address there it
> will query to that server.

I will try to SSH into the ipcop box. I've never tried to SSH into it.
I've always looked at it via the web interface.

> I just tried it from one of my ipcop boxes and got a query all the way to
> the
> root servers;
>
> dig +trace gmail.com

I tried dig +trace from my Desktop and it didn't work. Probably
because I'm behind the Firewall. If I can SSH into the ipcop box I
will try dig +trace from there.

If I can get the above to work, I suspect I may also need to change
something in the configuration for the ADSL modem for DNS. Sounds like
a quick and easy way to do this!

I have my notes from when I installed IPCop on that box, last
September. The ADSL modem IP is 192.168.1.1 and the Red NIC IP is
192.168.1.2 and the Green NIC IP is 192.168.10.1 and in the DHCP
Server Configuration Menu the Primary DNS is 192.168.10.1

Thanks much!
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-11-2008, 12:40 AM
"Lanny Marcus"
 
Default OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

On 7/10/08, Scott Silva <ssilva@sgvwater.com> wrote:
> Do you want to install a complete router using CentOS?
> Is your ipcop box not adequate for your needs?

>From what you wrote to me in another reply, ipcop will do the job, as
soon as I can get into it and get it configured the way you said. That
will be MUCH easier and MUCH faster than me trying to set up a CentOS
box to do this.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-11-2008, 12:52 AM
"Lanny Marcus"
 
Default OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

On 7/10/08, Scott Silva <ssilva@sgvwater.com> wrote:
<snip>
> When you set up your connection to your provider, do you have a static
> address
> or dynamic?

Dynamic IP

> If static, you had to set your next step resolver in the config.
> If you are dynamic, you get what your provider sends with the dhcp request.
> Since you said you have an ipcop box for your router you should be able to
> ssh
> into it and run setup and change your nameserver setting to 127.0.0.1 and
> your
> ipcop should be a caching nameserver. If you have another address there it
> will query to that server.

I never tried to SSH into the IPCop box before. I've always connected
to it via the web interface. I tried to SSH into it, but apparently I
have that Blocked, in the IPCop configuration settings.

[root@dell2400 ~]# ssh ipcop.homelan
ssh: connect to host ipcop.homelan port 22: Connection refused
[root@dell2400 ~]#

Obviously, I need to change that, so I can run Setup from a terminal
window, run the dig + trace command as you did from one of your IPCop
boxes, etc. I just turned on SSH access in IPCop. It says it uses Port
222 which is non standard for SSH....

I am looking at it from the web interface. Under DHCP, for the Green
Interface, for Primary DNS, it shows 192.168.10.1 If I change that
to 127.0.0.1 I'm done? Other than possibly needing to change a
configuration setting in the ADSL Modem, regarding DNS? Thanks much!
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-11-2008, 01:07 AM
"Lanny Marcus"
 
Default OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

On 7/10/08, Lanny Marcus <lmmailinglists@gmail.com> wrote:
<snip>
>> your
>> ipcop should be a caching nameserver. If you have another address there it
>> will query to that server.
>
> Obviously, I need to change that, so I can run Setup from a terminal
> window, run the dig + trace command as you did from one of your IPCop
> boxes, etc. I just turned on SSH access in IPCop. It says it uses Port
> 222 which is non standard for SSH....

Still not able to SSH into the IPCop box. Something wrong in the
syntax I tried or SSH didn't get turned on in the IPCop box, via the
web interface, as I thought? The sshd is running in my Desktop box.

[root@dell2400 ~]# ssh ipcop.homelan:222
ssh: ipcop.homelan:222: Name or service not known
[root@dell2400 ~]#
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-11-2008, 01:30 AM
Ian Blackwell
 
Default OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

Lanny Marcus wrote:

[root@dell2400 ~]# ssh ipcop.homelan:222
ssh: ipcop.homelan:222: Name or service not known
[root@dell2400 ~]#


Try:-

ssh -p 222 ipcop.homelan

Ian
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-11-2008, 10:03 AM
"William L. Maltby"
 
Default OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

On Thu, 2008-07-10 at 19:31 -0500, Lanny Marcus wrote:
> On 7/10/08, Scott Silva <ssilva@sgvwater.com> wrote:
> <snip>
> ><snip>

> I will try to SSH into the ipcop box. I've never tried to SSH into it.
> I've always looked at it via the web interface.

Be aware that port 222, no 22, is used for slightly increased resistance
to attacks.

>
> > I just tried it from one of my ipcop boxes and got a query all the way to
> > the
> > root servers;
> >
> > dig +trace gmail.com
>
> I tried dig +trace from my Desktop and it didn't work. Probably
> because I'm behind the Firewall. If I can SSH into the ipcop box I
> will try dig +trace from there.

IPCop is based on 2.4 kernel, IIRC. I don't know if it has dig. Try
using nslookup (see the man page for details - I don't remember them
all).

> <snip>

HTH
--
Bill

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-11-2008, 10:14 AM
"William L. Maltby"
 
Default OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

On Thu, 2008-07-10 at 20:07 -0500, Lanny Marcus wrote:
> On 7/10/08, Lanny Marcus <lmmailinglists@gmail.com> wrote:
> <snip>
> >><snip>

> Still not able to SSH into the IPCop box. Something wrong in the
> syntax I tried or SSH didn't get turned on in the IPCop box, via the
> web interface, as I thought? The sshd is running in my Desktop box.

Sshd is for incoming connections. You need to enable it on IPCop (using
web interface is easiest). I also suggest using ssh keys instead of
password *if* you want increased security. Paranoia level is the
determining factor.

You should not need to fron the trace (dig or nslookup from the IPCop
box.

[wild-bill@centos501 ~]$ dig +trace smtp-server.triad.rr.com

; <<>> DiG 9.3.4-P1 <<>> +trace smtp-server.triad.rr.com
;; global options: printcmd
. 376531 IN NS E.ROOT-SERVERS.NET.
. 376531 IN NS D.ROOT-SERVERS.NET.
. 376531 IN NS M.ROOT-SERVERS.NET.
. 376531 IN NS B.ROOT-SERVERS.NET.
. 376531 IN NS F.ROOT-SERVERS.NET.
. 376531 IN NS K.ROOT-SERVERS.NET.
. 376531 IN NS A.ROOT-SERVERS.NET.
. 376531 IN NS L.ROOT-SERVERS.NET.
. 376531 IN NS I.ROOT-SERVERS.NET.
. 376531 IN NS H.ROOT-SERVERS.NET.
. 376531 IN NS C.ROOT-SERVERS.NET.
. 376531 IN NS J.ROOT-SERVERS.NET.
. 376531 IN NS G.ROOT-SERVERS.NET.
;; Received 504 bytes from 192.168.2.20#53(192.168.2.20) in 28 ms

com. 172800 IN NS F.GTLD-SERVERS.NET.
com. 172800 IN NS H.GTLD-SERVERS.NET.
<snip>

>
> [root@dell2400 ~]# ssh ipcop.homelan:222
> ssh: ipcop.homelan:222: Name or service not known
> [root@dell2400 ~]#

I've not used it for awhile, but I think you need to look at the man
page. ISTR that user@host is somewhere in there. Unsure though.

> <snip sig stuff>

--
Bill

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 04:29 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org