The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Stealth nameserver leakage - ns1 & ns2

Discussion in 'Bind / DNS / Nameserver Issues' started by wzd, Mar 18, 2007.

  1. wzd

    wzd Well-Known Member

    Joined:
    Dec 16, 2005
    Messages:
    118
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    South Africa
    cPanel Access Level:
    Root Administrator
    Hi guys,

    Been trying to read the other posts on these DNS issues but not much luck from them.

    We have just reloaded the server and every single domain on the server is saying ns1.domain.com and ns2.domain.com !!

    Our nameservers are geek.domain.com and bofh.domain.com and these are what the accounts should be resolving to.

    DNSREPORT.com comes up with

    Stealth NS record leakage Your DNS servers leak stealth information in non-NS requests:
    Missing (stealth) nameservers

    ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are:

    Basically for some reason ns1.domain.com and ns2.domain.com are everywhere when our nameservers are really geek.domain.com and bofh.domain.com

    Any1 with a practical guide on how to fix this?

    Wzd
     
  2. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    In DNSReport the first two lines are usually the nameservers as listed at the registrar. If those are correct look at the DNS zone on the server. One of them, registrar or DNS zone, is probably not right.

    The registrar nameserver and your DNS zone on your server should match, otherwise you get the type of errors you are describing.
     
  3. wzd

    wzd Well-Known Member

    Joined:
    Dec 16, 2005
    Messages:
    118
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    South Africa
    cPanel Access Level:
    Root Administrator
    Hey,

    I've managed to fix everything that is fixable but the data center techies that reloaded the server must have done something wrong because:

    Each zone says that the nameservers are ns1. and ns2.

    The DNS Zone template, however, shows %nameserver1%
    When i first logged in through the IP into WHM i went through the setup and then changed the ns1 and ns2. entries to our proper nameservers...

    Any ideas how i would go about changing every single zonefile to what it should be?
     
  4. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    The zone template file should be %nameserver1% then it will match your ns1 and ns2 setting in the Basic WHM setup when you create a new account.

    If accounts are set up and it has the wrong ns1 and ns2 in the zone files (your not going to like this) you have to manually change them via WHM. Just do not forget the trailing dot i.e. ns1.domain.com.

    I have manually changed them by... I made a folder, copied all the .db files to that folder for a backup. SFTP'ed in downloaded the files, opened them all in Crimson Editor and did a mass replacement, checked them, uploaded them back to another new folder and copied over to /var/named and restarted named and was fine.

    The next time I needed to make a lot of zone file changes I ssh'ed in, made a backup copy of the *.db files, and used replace command to match and replace what I wanted it was easier, but if your not careful you could really screw some things up. You might make a backup of all the zone files first. I do not know your skill level so you might be better off using WHM Dns zone editor.
     
  5. wzd

    wzd Well-Known Member

    Joined:
    Dec 16, 2005
    Messages:
    118
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    South Africa
    cPanel Access Level:
    Root Administrator
    Hi Rhenderson,

    Thanks for the reply,
    I used the following sed expression:

    sed --in-place=.backup 's/ns1\.domain\.net./geek\.domain\.net./g' *.db

    After making a backup of course...

    - Just gotta get past the negative TTL now

    I'll update this post if anything screws out with th DNS tomorrow ;)
    Thanks for the help
     
Loading...

Share This Page