To enhance DNS Server, we need to analyze logs we collected. On my case, there are lots of non-existent DNS queries based on my monitoring
Sunday, July 14, 2024
Analyzing BIND Logs using CLI
Handling Non Existent Domain (NXDOMAIN) Queries
On a large organization, where there are lots of endpoint clients, there will be a huge number of DNS queries. Many of those queries were non existent domains and sometimes causing resource exhaustion either on DNS server or on the network level
Here are the steps to set up sinkhole domains in BIND
1. Create a file /etc/blacklisted.domains and put these lines
zone "blacklisted.domain" {type master; file "/etc/blockeddomains.db";};
2. Create a file /etc/blockeddomains.db
$TTL 1D @ IN SOA localdomain. root.localdomain. ( 2024041801 ; Serial 3600 ; Refresh 600 ; Retry 86400 ; Expire 3600 ; Minimum TTL ) @ IN NS localdomain. localdomain. IN A 127.0.0.1 ; Replace with actual IP if needed |
3. Add this line into your BIND configuration (/etc/named.conf)
include "/etc/blacklisted.zones";
Sunday, June 9, 2024
How to Extend Certificate Validity Period on Windows Certificate Authority
1. Open regedit on your enterprise CA server
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CertSvc\Configuration\<CAName>
2. In the right pane, double-click ValidityPeriod
3. In the Value data box, type one of the following, and then click OK:
- Days
- Weeks
- Months
- Years