[AusNOG] SRV Records
ANSA SERVERS
info at ausnetservers.net.au
Tue Jul 15 18:58:41 EST 2014
Correct, this is as of now. I have edited the policy to allow it before taking the screen capture to make sure that if IXFR and AXFER records are not supposed to be blocked that you guys would point it out ☺
Regards,
Matthew Matters Managing Director / CEO of Aus Net Servers Australia Pty Ltd
Management Department | Small Business Hosting Sales & Services | Aus Net Servers Australia Pty Ltd
P 1300 933 038 | M 0428 028 091 | E mmatters at ausnetservers.net.au<mailto:mmatters at ausnetservers.net.au> | W www.ausnetservers.net.au<http://www.ausnetservers.net.au/>
ABN 25 162 013 194 | ACN 162 013 194 | ARBN B2318 229M | #1 For Dedicated Hosting Solutions For Small Business Since 2007
From: Nicholas Meredith [mailto:nicholas at udhaonline.net]
Sent: Tuesday, 15 July 2014 6:57 PM
To: ANSA SERVERS
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] SRV Records
That is showing that SRV queries are being permitted correct?
On Tue, Jul 15, 2014 at 6:55 PM, ANSA SERVERS <info at ausnetservers.net.au<mailto:info at ausnetservers.net.au>> wrote:
What sort of damage could blocking them be causing or there is no way to tell?
I have no edited the policy so will monitor it.
Here is a screenshot of what we currently block / allow as of now
http://gyazo.com/503d935ba4b002ae7310ebd6557aaea6
Regards,
Matthew Matters Managing Director / CEO of Aus Net Servers Australia Pty Ltd
Management Department | Small Business Hosting Sales & Services | Aus Net Servers Australia Pty Ltd
P 1300 933 038<tel:1300%20933%20038> | M 0428 028 091<tel:0428%20028%20091> | E mmatters at ausnetservers.net.au<mailto:mmatters at ausnetservers.net.au> | W www.ausnetservers.net.au<http://www.ausnetservers.net.au/>
ABN 25 162 013 194 | ACN 162 013 194 | ARBN B2318 229M | #1 For Dedicated Hosting Solutions For Small Business Since 2007
From: Nicholas Meredith [mailto:nicholas at udhaonline.net<mailto:nicholas at udhaonline.net>]
Sent: Tuesday, 15 July 2014 6:51 PM
To: ANSA SERVERS
Cc: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] SRV Records
SRV records are like auto-discovery helpers, and are used legitimately by many services including exchange as Shannon pointed out. They are only growing in popularity to expect to see them increase over time.
On Tue, Jul 15, 2014 at 6:48 PM, ANSA SERVERS <info at ausnetservers.net.au<mailto:info at ausnetservers.net.au>> wrote:
I am not sure with why they are being blocked but it looks like it’s a rate limiter eg after x amount it starts blocking. I have sent an email to our noc team to look into the issue, meanwhile while you guys visit our website I am seeing more of them being blocked.
Thanks
Regards,
Matthew Matters Managing Director / CEO of Aus Net Servers Australia Pty Ltd
Management Department | Small Business Hosting Sales & Services | Aus Net Servers Australia Pty Ltd
P 1300 933 038<tel:1300%20933%20038> | M 0428 028 091<tel:0428%20028%20091> | E mmatters at ausnetservers.net.au<mailto:mmatters at ausnetservers.net.au> | W www.ausnetservers.net.au<http://www.ausnetservers.net.au/>
ABN 25 162 013 194 | ACN 162 013 194 | ARBN B2318 229M | #1 For Dedicated Hosting Solutions For Small Business Since 2007
From: Nicholas Meredith [mailto:nicholas at udhaonline.net<mailto:nicholas at udhaonline.net>]
Sent: Tuesday, 15 July 2014 6:46 PM
To: ANSA SERVERS
Cc: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] SRV Records
I have never heard of anyone blocking them before, don't block them unless you know exactly why you would want to do so.
On Tue, Jul 15, 2014 at 6:41 PM, ANSA SERVERS <info at ausnetservers.net.au<mailto:info at ausnetservers.net.au>> wrote:
Hey Guys,
Quick question for all the network security buffs on the list….
Are SRV dns records dangerous and should we continue to block them at our border router?
I am asking this because we are seeing massive amounts of traffic being blocked (and ips hitting out blacklist) from our network because they are trying to query our dns cluster for these records.
These are the default options in the dns proxy policy for the firewall that where set when it was installed – but we already know the people that installed the firewall had no idea what they were doing…
So what exactly are these SRV records and what are they used for. We have no reason to block them if they pose no risk to our network.
Regards,
Matthew Matters Managing Director / CEO of Aus Net Servers Australia Pty Ltd
Management Department | Small Business Hosting Sales & Services | Aus Net Servers Australia Pty Ltd
P 1300 933 038<tel:1300%20933%20038> | M 0428 028 091<tel:0428%20028%20091> | E mmatters at ausnetservers.net.au<mailto:mmatters at ausnetservers.net.au> | W www.ausnetservers.net.au<http://www.ausnetservers.net.au/>
ABN 25 162 013 194 | ACN 162 013 194 | ARBN B2318 229M | #1 For Dedicated Hosting Solutions For Small Business Since 2007
[Image removed by sender. LinkedIn]<http://www.linkedin.com/company/aus-net-servers-australia>[Image removed by sender. Twitter]<http://www.twitter.com/ansaservers>The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. If you have been sent this email and it is not addressed to you please forward the email as is to hostmaster at ausnetservers.net.au<mailto:hostmaster at ausnetservers.net.au> and delete all local and inta-local copies including backups from your system. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. This email has been scanned before transmission with business grade antivirus and antispam software but as mentioned above no warranties can be given that the email has not been contaminated after transmission.
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
[LinkedIn]<http://www.linkedin.com/company/aus-net-servers-australia>[Twitter]<http://www.twitter.com/ansaservers>The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. If you have been sent this email and it is not addressed to you please forward the email as is to hostmaster at ausnetservers.net.au<mailto:hostmaster at ausnetservers.net.au> and delete all local and inta-local copies including backups from your system. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. This email has been scanned before transmission with business grade antivirus and antispam software but as mentioned above no warranties can be given that the email has not been contaminated after transmission.
[LinkedIn]<http://www.linkedin.com/company/aus-net-servers-australia>[Twitter]<http://www.twitter.com/ansaservers>The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. If you have been sent this email and it is not addressed to you please forward the email as is to hostmaster at ausnetservers.net.au<mailto:hostmaster at ausnetservers.net.au> and delete all local and inta-local copies including backups from your system. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. This email has been scanned before transmission with business grade antivirus and antispam software but as mentioned above no warranties can be given that the email has not been contaminated after transmission.
[LinkedIn] <http://www.linkedin.com/company/aus-net-servers-australia> [Twitter] <http://www.twitter.com/ansaservers> The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. If you have been sent this email and it is not addressed to you please forward the email as is to hostmaster at ausnetservers.net.au and delete all local and inta-local copies including backups from your system. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. This email has been scanned before transmission with business grade antivirus and antispam software but as mentioned above no warranties can be given that the email has not been contaminated after transmission.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140715/2e44a739/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 823 bytes
Desc: image001.jpg
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140715/2e44a739/attachment.jpg>
More information about the AusNOG
mailing list