Webmaster Help needed!!

Discuss Networking
Post Reply
ThePreacher
scripter
scripter
Posts: 61
Joined: Tue Jan 28, 2003 4:43 am
Location: Kansas City
Contact:

Webmaster Help needed!!

Post by ThePreacher »

What's Going ON? My website is down for some reason I cant figure out. The computer itself is physically up. As is apache and mysql. The firewall is not blocking port 80, the router is not blocking the firewall. The internet connection is good, you can still get to the site by typing my ip in a browser. http://65.28.11.91 I checked the whois lookup to make sure that my ip for my name server was correct and it is. I checked the badconnections.net.zone file to make sure my ip was correct there. I thought maybe there was some kind of attack on the hostname lookup servers or something. I dont know. Just help me. Everything worked fine yesterday.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Both of your listed DNS servers are not answering requests. "whois badconnections.net" lists 65.28.11.91 and 65.28.8.144 as DNS servers authoritative for your domain. Neither of those addresses are answering DNS requests at the moment so either they do not have named running or they are blocking port 53 with a firewall or they have been hacked.

ThePreacher
scripter
scripter
Posts: 61
Joined: Tue Jan 28, 2003 4:43 am
Location: Kansas City
Contact:

Post by ThePreacher »

I started named using "service named start" named supposedly started, however I still cant access my site. I pray that I havent been hacked, I mean a defacement is at least easy to fix.

ThePreacher
scripter
scripter
Posts: 61
Joined: Tue Jan 28, 2003 4:43 am
Location: Kansas City
Contact:

Post by ThePreacher »

Well I just checked, and bam its back up. What the hell?!?

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

I don't know where the name is being resolved from because both of the servers responsible for your domain are still not resolving it:

Code: Select all

$ dig badconnections.net NS
                                                                                
; <<>> DiG 9.2.1 <<>> badconnections.net NS
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13903
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
                                                                                
;; QUESTION SECTION:
;badconnections.net.            IN      NS
                                                                                
;; ANSWER SECTION:
badconnections.net.     109767  IN      NS      ns1.badconnections.net.
badconnections.net.     109767  IN      NS      www.badconnections.net.
 
;; ADDITIONAL SECTION:
ns1.badconnections.net. 109767  IN      A       65.28.8.144
www.badconnections.net. 109767  IN      A       65.28.11.91
 
;; Query time: 3 msec
;; SERVER: 192.168.0.3#53(192.168.0.3)
;; WHEN: Sun May 18 08:37:38 2003
;; MSG SIZE  rcvd: 104

Code: Select all

$ dig @65.28.11.91 www.badconnections.net
                                                                                
; <<>> DiG 9.2.1 <<>> @65.28.11.91 www.badconnections.net
;; global options:  printcmd
;; connection timed out; no servers could be reached

Code: Select all

dig @65.28.8.144 www.badconnections.net
                                                                                
; <<>> DiG 9.2.1 <<>> @65.28.8.144 www.badconnections.net
;; global options:  printcmd
;; connection timed out; no servers could be reached
My guess is that since you have "www.badconnections.net" listed as one of your DNS servers for your domain that the root servers are actually resolving it. This is *not* the way things are supposed to be set up. You should have named running on the two IP addresses you have listed for your DNS servers and they both should have the "badconnections.net" zone configured and should be answering queries to the outside world. Currently they are not answering queries. You probably have firewall rules restricting it. What does "iptables -L" show? Is named running (ps auxwww | grep named)? Is you zone configured properly? What is in /etc/named.conf and in your zone files? etc...

ThePreacher
scripter
scripter
Posts: 61
Joined: Tue Jan 28, 2003 4:43 am
Location: Kansas City
Contact:

Post by ThePreacher »

Dammit I screwed this up pretty badly. I really didnt know what I was doing when I set up bind. Somehow it worked and I didnt touch it after that. Im ashamed to ask, but I need help fixing this. Last year when I set this up, I had absolutely no clue what to do, so Im kind of embarrassed to show you this.

http://www.badconnections.net/misc/named.conf
http://www.badconnections.net/misc/badc ... s.net.zone
http://www.badconnections.net/misc/badc ... ns.net.rev
http://www.badconnections.net/misc/named.ca
http://www.badconnections.net/misc/named.local
http://www.badconnections.net/misc/localhost.rev
http://www.badconnections.net/misc/localhost.zone

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

I don't have much time right now but for now you might want to look at my Dynamic DNS example in the Red Hat tips (just forget the Dynamic portions of it). I'll try to configure it all up for you this afternoon if you still can't get it, should only take about 10 minutes...

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Ok, here is a configuration that can be used on both servers, making both of them a primary DNS server. Having them both be a primary (master) means that if you change one then you also need to make the same change to the other. This is the easiest setup but you could also do a primary/secondary (master/slave) where only the master would need to be updated. Only having one or two records I doubt this will be a big issue. Here's the config:

http://voidmain.is-a-geek.net/files/bad ... med.tar.gz

Download the above and to extract it into the proper locations do this:

# cd /
# tar -xvzf /path/to/badconnections_named.tar.gz

You might want to back up your existing files first (or I guess you have already done this). You probably already know this but to see what files will be extracted before extracting them:

# tar -tvzf /path/to/badconnections_named.tar.gz

After extracting just restart named and it should work...

On a side note you might want to add another A record to the badconnections.net.zone and make an "ns2.badconnections.net" that points to 11.91 and then change your domain registration record from www.badconnections.net to ns2.badconnections.net (after verifying your servers are working properly of course). Until you do that I don't believe you will have 100% control of the www.badconnections.net name (or the best control).

ThePreacher
scripter
scripter
Posts: 61
Joined: Tue Jan 28, 2003 4:43 am
Location: Kansas City
Contact:

Post by ThePreacher »

I assume that I must change my host server information before my site will be visible to the internet again. Otherwise I followed your directions and within 72 hours I should know whether everything is working. By the way my secondary dns server is down, so I pointed ns2.badconnections.net at 65.28.11.91 as well.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

ThePreacher wrote:I assume that I must change my host server information before my site will be visible to the internet again. Otherwise I followed your directions and within 72 hours I should know whether everything is working. By the way my secondary dns server is down, so I pointed ns2.badconnections.net at 65.28.11.91 as well.
What host server information? It should have worked just by putting the files in place and restarting named. Still it does not appear that your named is running or you have a firewall blocking port 53. I can not get to your DNS port on your server. Right after restarting named what are the last 20 lines or so in your /var/log/messages?

Post Reply