Isu tinoenderera mberi nezvikamu zvedu zvezvinyorwa uye mune ino isu tichagadzirisa zvinotevera zvinhu:
- Kuiswa
- Madhairekitori uye mafaera makuru
Usati waenderera mberi, tinokurudzira kuti usarege kuverenga:
Kuiswa
MuConsole uye semushandisi mudzi isu takaisa iyo sunga9:
kugona kuisa bind9
Isu tinofanirwa zvakare kuisa iyo package dnsutil iyo ine maturusi anodikanwa ekugadzira DNS mibvunzo uye kuongorora kushanda:
kugona kuisa dnsutils
Kana iwe uchida kubvunza zvinyorwa zvinouya munzvimbo yekuchengetera:
kukodzera kuisa bind9-doc
Zvinyorwa zvichachengetwa mudhairekitori / usr / share / doc / bind9-doc / ruoko uye indekisi faira kana Tafura yezviri mukati ndiyo bv9ARM.html. Kuivhura kumhanya:
firefox / usr / share / doc / bind9-doc / ruoko / Bv9ARM.html
Patinoisa iyo sunga9 paDebian, ndozvinoitawo package bind9utils iyo inotipa isu anoverengeka anobatsira maturusi ekuchengetedza kumisikidza kushanda kwekusungwa. Pakati pavo tichawana rndc, inonzi-checkconf uye inonzi-checkzone. Uyezve, iyo package dnsutil inopa yakazara yakateedzana BIND vatengi mapurogiramu pakati payo ichave iyo dig and the nlookup. Isu tinoshandisa ese aya maturusi kana mirairo muzvinyorwa zvinotevera.
Kuziva ese mapurogiramu epakeji yega yega isu tinofanirwa kuita semushandisi mudzi:
dpkg -L kusunga9utils dpkg -L dnsutils
Kana enda ku Synaptic, tsvaga pasuru yacho, uye ona kuti ndeapi mafaira akaiswa. Kunyanya iwo akaiswa mumafolda / usr / bin o / usr / sbin.
Kana isu tichida kuziva zvakawanda nezve mashandisiro echishandiso chega chega kana chirongwa chakaiswa, tinofanirwa kuita:
murume
Madhairekitori uye mafaera makuru
Patinoisa Debian iyo faira inogadzirwa /etc/resolv.conf. Iyi faira kana "Resolver sevhisi yekumisikidza faira", Ine sarudzo dzinoverengeka idzo nekutadza izita rezita uye IP kero yeDNS server yakaziviswa panguva yekumisikidzwa. Sezvo zvirimo murubatsiro rwefaira zviri muchiSpanish uye zvakajeka, tinokurudzira kurirava uchishandisa rairo murume resolution.conf.
Mushure mekuisa iyo sunga9 MukuSvina, zvirinani madhairekitori anotevera akagadzirwa
/ etc / bind / var / cache / bind / var / lib / bind
Mubhuku rekero / etc / bind isu tinowana, pakati pevamwe, anotevera mafaira ekumisikidza:
named.conf named.conf.options named.conf.default-zones named.conf.local rndc.key
Mubhuku rekero / var / cache / kusunga isu tichagadzira mafaera eiyo Nzvimbo Dzenharaunda izvo zvatichazotarisana nazvo gare gare. Kunze kwekuda kuziva, mhanya unotevera mirairo muConsole semushandisi mudzi:
ls -l / etc / kusunga ls -l / var / cache / bind
Ehezve, dhairekitori rekupedzisira harizove nechinhu, nekuti hatisati tagadzira Nzvimbo Yemunharaunda.
Kupatsanura BIND marongero mune akawanda mafaera kunoitwa kuitira nyore uye kujekesa. Faira rega rega rine basa chairo sezvatichaona pazasi:
anonzi.conf: Main faira yekumisikidza. Inosanganisira mafaerayakanzi.conf.options, anonzi.conf.local y inonzi.conf.default-zones.
yakanzi.conf.options: General DNS sevhisi sarudzo. Rairo: dhairekitori "/ var / cache / bind" inotaurira bind9 kupi kwekutarisa mafaera akagadzirwa Nzvimbo dzeMunharaunda. Isu tinosheedzera pano maseva "vanoendesa mberi. yemunharaunda haigone kupindura.
Semuenzaniso, kana isu tiri kugadzirisa iyo DNS yeLAN192.168.10.0/24, uye isu tinoda kuti mumwe wevatambi vedu ave UCI Zita Server, isu tinofanirwa kuzivisa iwo ekuraira kumberi {200.55.140.178; }; IP kero inoenderana neserura ns1.uci.cu.
Nenzira iyi tichakwanisa kubvunza yedu yemuno DNS server inova iyo IP kero yeiyo yahoo.es inomiririra (iri pachena kuti haisi paLAN yedu), sezvo yedu DNS ichabvunza iyo UCI kana ichiziva kuti ndeipi IP kero ye yahoo.es, uyezve ichatipa zvinogutsa kana kwete. Zvakare uye mune iyo faira pachayo zita.conf.option Isu tichazivisa zvimwe zvakakosha zvegadziriro sezvatichaona gare gare.
inonzi.conf.default-zones: Sezvinoreva zita iri, iwo maDefault Zones. Pano iwe unogadzira BHINDA zita refaira iro rine ruzivo rweMidzi Maseva kana Maseva eMidzi anodiwa kutanga iyo DNS cache, kunyanya iyo fairadb.root. KUSUNGWA kunorairwawo kuti uve nechiremera chakazara (kuve Chiremera) mukugadziriswa kwemazita e localhost, zvese mumibvunzo yakananga uye inodzosera kumashure, uye zvakafanana kune "Broadcast" nzvimbo.
anonzi.conf.local: Faira uko kwatinozivisa iko kumisikidzwa kwenzvimbo yeDNS server nezita reumwe neumwe Nzvimbo Dzenharaunda, uye inozove iyo DNS Marekodhi Mafaira ayo achaisa mepu mazita emakomputa akabatana neLAN yedu neayo IP kero uye zvinopesana.
rndc.key: Yakagadzirwa faira rine iyo Kiyi yekudzora BUNGO. Uchishandisa iyo BIND server control utility rndc, isu tichazokwanisa kurodha patsva iyo yekumisikidza yeDNS tisingazotangisezve nemirairo rndc reload. Inonyanya kubatsira kana tinoita shanduko mumafaira emaZoni Enzvimbo.
MuDebian maZera Mahara mafaera inogona zvakare kuwanikwa mu / var / lib / kusunga; nepo mune kumwe kugovera senge Red Hat uye CentOS ivo vanowanzo kuwanikwa mukati / var / lib / inonzi kana mamwe madhairekitori zvinoenderana nedziviriro inoitwa.
Isu tinosarudza dhairekitori / var / cache / kusunga ndiyo yakadudzirwa default Debian mufaira yakanzi.conf.options. Tinogona kushandisa chero dhairekitori chero bedzi isu tichiudza iyo sunga9 kupi kwekutarisa mafaera enzvimbo, kana isu tinopa iyo chaiyo nzira yeumwe neumwe wavo mune iyo faira anonzi.conf.local. Izvo zvine hutano chaizvo kushandisa madhairekitori akakurudzirwa nekuparadzira kwatiri kushandisa.
Izvo zvinopfuura chiyero chechinyorwa chino kukurukura nezvekuwedzera chengetedzo inobatanidzwa mukugadzira Cage kana "Chroot" YEMAHARA. Ndozvakaitawo nyaya yekuchengetedzeka kuburikidza neSELinux mamiriro. Avo vanofanirwa kuita maficha akadaro vanofanirwa kutendeukira kumabhuku kana zvinyorwa zvinehunyanzvi. Rangarira kuti iro gwaro pasuru bind9-doc yakaiswa mune dhairekitori / usr / share / doc / bind9-doc.
Well Gentlemen, kusvika parizvino Chikamu chechipiri. Hatidi kugara pachinyorwa chimwe chete nekuda kwemazano akanaka aMambo wedu. Pakupedzisira! isu tinopinda mune nitty-gritty yeBIND Setup uye Kuedza ... muchitsauko chinotevera.
makorokoto chinyorwa chakanaka kwazvo!
Ndinokutendai zvikuru ..
Izvi hazvinyanyo kukosha nekuda kwezvikonzero zvekuchengetedza: Usasiye dns yakavhurika (open resolution)
Refer:
1) http://www.google.com/search?hl=en&q=spamhaus+ataque
2) http://www.hackplayers.com/2013/03/el-ataque-ddos-spamhaus-y-la-amenaza-de-dns-abiertos.html
Ini ndinodudza:
«… Semuenzaniso, iyo Open DNS Resolver Project (openresolverproject.org), kuedza kwechikwata chevashandi vezvekuchengetedza kugadzirisa izvi, inofungidzira kuti pari zvino pane mamirioni makumi maviri neshanu" Open Recursive Resolvers ", uye mamirioni makumi maviri neshanu ndiwo ngozi huru ., yakavanzika, yakamirira kuburitsa hasha dzayo zvakare pamusoro pechinangwa chitsva .. »
Reply with quote
Zvakanaka kwazvo kupinza vanhu mune yakakosha sevhisi nhasi seDNS.
Zvandinoita, kana ndikakwanisa kunongedzera chimwe chinhu, ishanduro yako inonzwisa tsitsi ye "forwarders", inotaridzika sekunge yakadhonzwa kubva kuGoogle translate. Dudziro chaiyo ndeye "Kutumira Seva" kana "Vanoendesa Mberi."
Zvese zvimwe, zvakanaka.
Reply with quote
Semantics dambudziko. Kana iwe ukaendesa chikumbiro kune mumwe kuti uwane Mhinduro, hausi Kuendesa chikumbiro kune imwe nhanho. Ini ndaifunga kuti kurapa kwakanyanya muCuba Spanish kwaive Adelantadores nekuti ndanga ndichireva Pass kana Advance mubvunzo uyo ini (iyo yemuno DNS) ndaisakwanisa kupindura. Zvakareruka. Zvingadai zvakave nyore kwandiri kunyora chinyorwa ichi muChirungu. Nekudaro, ini ndinogara ndichijekesa nezve Dudziro Dzangu. Ndatenda nekutaura kwako kwakakodzera nguva.
Luxury;)!
Ndinokutendai!
Uye ye OpenSUSE?
CREO inoshanda kune chero distro. Nzvimbo dzefaira nzvimbo dzinosiyana, ndinofunga. Aihwa?
Ndatenda mese nekupindura .. uye ndinofara kugamuchira mazano ako .. 😉