Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.protocols.dns.bind > #15743
| Path | csiph.com!news.uzoreto.com!news.etla.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail |
|---|---|
| From | Vadim Pavlov <pvm_job@mail.ru> |
| Newsgroups | comp.protocols.dns.bind |
| Subject | Re: DNS Queries Using API - BIND9 |
| Date | Sun, 10 May 2020 23:37:06 -0700 |
| Lines | 30 |
| Approved | bind-users@lists.isc.org |
| Message-ID | <mailman.380.1589179031.942.bind-users@lists.isc.org> (permalink) |
| References | <CAPPXLT_n9tUgp568x3UK9=OYPmuWR7wmyBcEsmL9SX+3DuX3vQ@mail.gmail.com> <820168EC-C49E-414C-92EB-0A65EF614024@mail.ru> <712b75ba-7104-62f2-767e-ee6c3b1fa9b3@switch.ch> <7243AFD7-73C0-415D-B087-F7A27FA0006A@mail.ru> |
| NNTP-Posting-Host | lists.isc.org |
| Mime-Version | 1.0 (Mac OS X Mail 12.4 \(3445.104.14\)) |
| Content-Type | text/plain; charset=utf-8 |
| Content-Transfer-Encoding | quoted-printable |
| X-Trace | usenet.stanford.edu 1589179047 11953 149.20.1.60 (11 May 2020 06:37:27 GMT) |
| X-Complaints-To | action@cs.stanford.edu |
| Cc | Blason R <blason16@gmail.com>, bind-users <bind-users@lists.isc.org> |
| To | Daniel Stirnimann <daniel.stirnimann@switch.ch> |
| Return-Path | <pvm_job@mail.ru> |
| X-Original-To | bind-users@lists.isc.org |
| Delivered-To | bind-users@lists.isc.org |
| DKIM-Signature | v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mail.ru; s=mail2; h=To:References:Message-Id:Content-Transfer-Encoding:Cc:Date:In-Reply-To:From:Subject:Mime-Version:Content-Type; bh=vMLGsMM7VmR49aaiv2By08kXqU9R0c19FWtK3x80y0I=; b=s/6Ty5AOn+npZqNgdK5yEaRwAaplRY6GzxRL72OjexzkSZMI0Vf16lRc3+IomXWHsA1jqPqbtloBH/tbBuLoj8TqoczV0bkF3fmzHYSA8tgWS6JPmlbFhTRxcq40Pt+Q3W3DeorHlqlww18sssdz388f2Ba+JGr3yWdblIMvAD4=; |
| In-Reply-To | <712b75ba-7104-62f2-767e-ee6c3b1fa9b3@switch.ch> |
| X-Mailer | Apple Mail (2.3445.104.14) |
| Authentication-Results | smtpng3.m.smailru.net; auth=pass smtp.auth=pvm_job@mail.ru smtp.mailfrom=pvm_job@mail.ru |
| X-7564579A | B8F34718100C35BD |
| X-77F55803 | 4F1203BC0FB41BD9790EF91ABD66AC660845EEBDFF7ABC81EC74B7198D4D8BDD182A05F538085040FDEF1F7596F2118C74D1EEFB5B04E30033CEFF3CEC6692E32607EAE6A551D4D5 |
| X-7FA49CB5 | FF5795518A3D127A4AD6D5ED66289B5278DA827A17800CE7BF6702EC5472AA0FEA1F7E6F0F101C67BD4B6F7A4D31EC0BCC500DACC3FED6E28638F802B75D45FF8AA50765F79006378D08D652E28591A78638F802B75D45FF5571747095F342E8C7A0BC55FA0FE5FCEA72DD3B01DFD33BF96A801A3B798FA811BDBDD4DD646E28389733CBF5DBD5E913377AFFFEAFD269176DF2183F8FC7C0D1611F633B8B34AD8941B15DA834481FCF19DD082D7633A0E7DDDDC251EA7DABA471835C12D1D977725E5C173C3A84C3CAFEF312542AECBE117882F4460429728AD0CFFFB425014E40A5AABA2AD3711975ECD9A6C639B01B78DA827A17800CE702706FBA10211704731C566533BA786A40A5AABA2AD371193C9F3DD0FB1AF5EB2526A3BF303149AF3C9F3DD0FB1AF5EB4E70A05D1297E1BBCB5012B2E24CD356 |
| X-D57D3AED | 3ZO7eAau8CL7WIMRKs4sN3D3tLDjz0dLbV79QFUyzQ2Ujvy7cMT6pYYqY16iZVKkSc3dCLJ7zSJH7+u4VD18S7Vl4ZUrpaVfd2+vE6kuoey4m4VkSEu530nj6fImhcD4MUrOEAnl0W826KZ9Q+tr5ycPtXkTV4k65bRjmOUUP8cvGozZ33TWg5HZplvhhXbhDGzqmQDTd6OAevLeAnq3Ra9uf7zvY2zzsIhlcp/Y7m53TZgf2aB4JOg4gkr2biojAF7EeQxRyTPYbVi5DaBd+Q== |
| X-Mailru-Sender | 689FA8AB762F73930799C7A3FA23A27055A8806E539DAF6065CF0A88EBC68EE1747D0603EFC8775303492C8A44C15D75FCE159FD4992AA296633ECEAE2DE8EBA5FEEDEB644C299C0ED14614B50AE0675 |
| X-Mras | Ok |
| X-Spam-Status | No, score=0.3 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,KAM_NUMSUBJECT, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=disabled version=3.4.2 |
| X-Spam-Checker-Version | SpamAssassin 3.4.2 (2018-09-13) on mx.pao1.isc.org |
| X-BeenThere | bind-users@lists.isc.org |
| X-Mailman-Version | 2.1.29 |
| Precedence | list |
| List-Id | BIND Users Mailing List <bind-users.lists.isc.org> |
| List-Unsubscribe | <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe> |
| List-Archive | <https://lists.isc.org/pipermail/bind-users/> |
| List-Post | <mailto:bind-users@lists.isc.org> |
| List-Help | <mailto:bind-users-request@lists.isc.org?subject=help> |
| List-Subscribe | <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe> |
| X-Mailman-Original-Message-ID | <7243AFD7-73C0-415D-B087-F7A27FA0006A@mail.ru> |
| X-Mailman-Original-References | <CAPPXLT_n9tUgp568x3UK9=OYPmuWR7wmyBcEsmL9SX+3DuX3vQ@mail.gmail.com> <820168EC-C49E-414C-92EB-0A65EF614024@mail.ru> <712b75ba-7104-62f2-767e-ee6c3b1fa9b3@switch.ch> |
| Xref | csiph.com comp.protocols.dns.bind:15743 |
Show key headers only | View raw
Good idea. It may work. I’m using Intra for 1.5 years (with my DNS) and actually didn’t try it likely my DoH “old” proxy probably doesn’t support it. With nginx it should be possible if these open source clients support it. For Win/Mac/Linux there should be some open source DoH clients (backup will be using it just in browsers). Vadim > On May 10, 2020, at 23:26, Daniel Stirnimann <daniel.stirnimann@switch.ch> wrote: > > > > On 11.05.20 08:18, Vadim Pavlov via bind-users wrote: >> The main issue that bind does’t provide an authentication method. So in >> any case you somehow should manage the access to the DNS server vice >> versa it will became open resolver and will be used for DDoS attacks. > > If you were to use DoH, you could use Basic Authentication. The DoH URL > you could configure on your client systems could be something like this: > > https://username:password@doh.example.com/dns-query > > > Daniel
Back to comp.protocols.dns.bind | Previous | Next | Find similar | Unroll thread
Re: DNS Queries Using API - BIND9 Vadim Pavlov <pvm_job@mail.ru> - 2020-05-10 23:37 -0700
csiph-web