[AusNOG] SRV Records

Nicholas Meredith nicholas at udhaonline.net
Tue Jul 15 18:56:28 EST 2014 

That is showing that SRV queries are being permitted correct?


On Tue, Jul 15, 2014 at 6:55 PM, ANSA SERVERS <info at ausnetservers.net.au>
wrote:

>  What sort of damage could blocking them be causing or there is no way to
> tell?
>
>
>
> I have no edited the policy so will monitor it.
>
>
>
> Here is a screenshot of what we currently block / allow as of now
>
>
>
> http://gyazo.com/503d935ba4b002ae7310ebd6557aaea6
>
>
>
> Regards,
>
>
>
> *Matthew Matters  *Managing Director / CEO of Aus Net Servers Australia
> Pty Ltd
> Management Department  |  Small Business Hosting Sales & Services  |  Aus
> Net Servers Australia Pty Ltd
>
> P  1300 933 038  |  M  0428 028 091  |  E  mmatters at ausnetservers.net.au |
>  W  www.ausnetservers.net.au
>
> ABN 25 162 013 194 | ACN 162 013 194 | ARBN B2318 229M | #1 For Dedicated
> Hosting Solutions For Small Business Since 2007
>
>
>
> *From:* Nicholas Meredith [mailto:nicholas at udhaonline.net]
> *Sent:* Tuesday, 15 July 2014 6:51 PM
>
> *To:* ANSA SERVERS
> *Cc:* ausnog at lists.ausnog.net
> *Subject:* Re: [AusNOG] SRV Records
>
>
>
> SRV records are like auto-discovery helpers, and are used legitimately by
> many services including exchange as Shannon pointed out. They are only
> growing in popularity to expect to see them increase over time.
>
>
>
> On Tue, Jul 15, 2014 at 6:48 PM, ANSA SERVERS <info at ausnetservers.net.au>
> wrote:
>
>  I am not sure with why they are being blocked but it looks like it’s a
> rate limiter eg after x amount it starts blocking. I have sent an email to
> our noc team to look into the issue, meanwhile while you guys  visit our
> website I am seeing more of them being blocked.
>
>
>
> Thanks
>
>
>
> Regards,
>
>
>
> *Matthew Matters  *Managing Director / CEO of Aus Net Servers Australia
> Pty Ltd
> Management Department  |  Small Business Hosting Sales & Services  |  Aus
> Net Servers Australia Pty Ltd
>
> P  1300 933 038  |  M  0428 028 091 <0428%20028%20091>  |  E
> mmatters at ausnetservers.net.au |  W  www.ausnetservers.net.au
>
> ABN 25 162 013 194 | ACN 162 013 194 | ARBN B2318 229M | #1 For Dedicated
> Hosting Solutions For Small Business Since 2007
>
>
>
> *From:* Nicholas Meredith [mailto:nicholas at udhaonline.net]
> *Sent:* Tuesday, 15 July 2014 6:46 PM
> *To:* ANSA SERVERS
> *Cc:* ausnog at lists.ausnog.net
> *Subject:* Re: [AusNOG] SRV Records
>
>
>
> I have never heard of anyone blocking them before, don't block them unless
> you know exactly why you would want to do so.
>
>
>
> On Tue, Jul 15, 2014 at 6:41 PM, ANSA SERVERS <info at ausnetservers.net.au>
> wrote:
>
>   Hey Guys,
>
>
>
> Quick question for all the network security buffs on the list….
>
>
>
> Are SRV dns records dangerous and should we continue to  block them at our
> border router?
>
>
>
> I am asking this because we are seeing massive amounts of traffic being
> blocked (and ips hitting out blacklist) from our network because they are
> trying to query our dns cluster for these records.
>
>
>
> These are the default options in the dns proxy policy for the firewall
> that where set when it was installed – but we already know the people that
> installed the firewall had no idea what they were doing…
>
>
>
> So what exactly are these SRV records and what are they used for. We have
> no reason to block them if they pose no risk to our network.
>
>
>
> Regards,
>
>
>
> *Matthew Matters  *Managing Director / CEO of Aus Net Servers Australia
> Pty Ltd
> Management Department  |  Small Business Hosting Sales & Services  |  Aus
> Net Servers Australia Pty Ltd
>
> P  1300 933 038  |  M  0428 028 091  |  E  mmatters at ausnetservers.net.au |
>  W  www.ausnetservers.net.au
>
> ABN 25 162 013 194 | ACN 162 013 194 | ARBN B2318 229M | #1 For Dedicated
> Hosting Solutions For Small Business Since 2007
>
>
>
> [image: Image removed by sender. LinkedIn]
> <http://www.linkedin.com/company/aus-net-servers-australia>[image: Image
> removed by sender. Twitter] <http://www.twitter.com/ansaservers>The
> information transmitted in this e-mail is for the exclusive use of the
> intended addressee and may contain confidential and/or privileged material.
> Any review, re-transmission, dissemination or other use of it, or the
> taking of any action in reliance upon this information by persons and/or
> entities other than the intended recipient is prohibited. If you received
> this in error, please inform the sender and/or addressee immediately and
> delete the material. If you have been sent this email and it is not
> addressed to you please forward the email as is to
> hostmaster at ausnetservers.net.au and delete all local and inta-local
> copies including backups from your system. E-mails may not be secure, may
> contain computer viruses and may be corrupted in transmission. Please
> carefully check this e-mail (and any attachment) accordingly. No warranties
> are given and no liability is accepted for any loss or damage caused by
> such matters. This email has been scanned before transmission with business
> grade antivirus and antispam software but as mentioned above no warranties
> can be given that the email has not been contaminated after transmission.
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
> [image: LinkedIn]
> <http://www.linkedin.com/company/aus-net-servers-australia>[image:
> Twitter] <http://www.twitter.com/ansaservers>The information transmitted
> in this e-mail is for the exclusive use of the intended addressee and may
> contain confidential and/or privileged material. Any review,
> re-transmission, dissemination or other use of it, or the taking of any
> action in reliance upon this information by persons and/or entities other
> than the intended recipient is prohibited. If you received this in error,
> please inform the sender and/or addressee immediately and delete the
> material. If you have been sent this email and it is not addressed to you
> please forward the email as is to hostmaster at ausnetservers.net.au and
> delete all local and inta-local copies including backups from your system.
> E-mails may not be secure, may contain computer viruses and may be
> corrupted in transmission. Please carefully check this e-mail (and any
> attachment) accordingly. No warranties are given and no liability is
> accepted for any loss or damage caused by such matters. This email has been
> scanned before transmission with business grade antivirus and antispam
> software but as mentioned above no warranties can be given that the email
> has not been contaminated after transmission.
>
>
>  [image: LinkedIn]
> <http://www.linkedin.com/company/aus-net-servers-australia>[image:
> Twitter] <http://www.twitter.com/ansaservers>The information transmitted
> in this e-mail is for the exclusive use of the intended addressee and may
> contain confidential and/or privileged material. Any review,
> re-transmission, dissemination or other use of it, or the taking of any
> action in reliance upon this information by persons and/or entities other
> than the intended recipient is prohibited. If you received this in error,
> please inform the sender and/or addressee immediately and delete the
> material. If you have been sent this email and it is not addressed to you
> please forward the email as is to hostmaster at ausnetservers.net.au and
> delete all local and inta-local copies including backups from your system.
> E-mails may not be secure, may contain computer viruses and may be
> corrupted in transmission. Please carefully check this e-mail (and any
> attachment) accordingly. No warranties are given and no liability is
> accepted for any loss or damage caused by such matters. This email has been
> scanned before transmission with business grade antivirus and antispam
> software but as mentioned above no warranties can be given that the email
> has not been contaminated after transmission.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140715/d182ca37/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 823 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140715/d182ca37/attachment.jpg>

More information about the AusNOG mailing list