Scottie  Mills

Scottie Mills

1627506420

What exactly is a TXT DNS record? (how to do a lookup)

Learn about DNS TXT records, how they can be used to verify domain ownership, prevent email spam, and also how to do a DNS TXT record lookup with dig. What exactly is a TXT DNS record? (and how to do a lookup)

#developer #serverless

What is GEEK

Buddha Community

What exactly is a TXT DNS record? (how to do a lookup)
Ray  Patel

Ray Patel

1623940860

Way to find out if DNS is down or your instance with python

DNS-PING

Way to find out if DNS is down or your instance.

Problem: At times it happens that DNS provider services of a website URL is down and so to reduce response time by not diagnosing the infrastructure and informing the user to check with DNS provider.

Functionality: Lambda in python pings the URL to be monitored and fetch the response. If the response code is anything other than 200 it triggers CloudWatch event and send SNS to user.

How to Run the Script : Create a Lambda function called “DNS-PING” the run-time version Python 3.6 and above by using the attach code. Creation of the Lambda function will in turn create CloudWatch Logs groups for its logging. Lamda can be call every 5 mins or as per your business requirement.

#network #way to find out if dns is down or your instance with python #python #dns #way to find out if dns is down or your instance #find out if dns

Bhakti Rane

1625057623

Click2Undo - 1 Click App to restore Dynamics 365 CRM data to its last known state

Undo changes & restore records in Dynamics 365 CRM with a single click

Click2Undo is a productivity app that helps you to undo changes in the data in Dynamics 365 CRM with a single click. Be it the last change that you’d want to restore, or the changes that were done in the past which you would like to get back, Click2Undo can do it without any hassle. This provides a safety net within which users can conduct day-to-day activities without fear of losing data due to human or technical errors.
Click2Undo is available for Dynamics CRM 8.2 and above, Dataverse (Power Apps). It supports deployment models - On-Premises and Online.
Features
• Entity Support: Click2Undo provides support to all OOB as well as Custom Entities
• Undo Last Changes: Ability to restore the last changes done to a Dynamics 365 CRM record by clicking the Click2Undo button
• Undo Past Changes: Ability to undo past changes made to multiple fields on Dynamics 365 CRM records in one go using History button
• Undo Bulk Changes: Ability to undo changes on multiple records at one go.

#restore last state of dynamics 365 records #restoring deleted dynamics 365 records #recovering deleted dynamics 365 records #recover deleted dynamics crm records #dynamics 365 online recover deleted records #restore records dynamics crm

Mitchel  Carter

Mitchel Carter

1603569600

How to configure external DNS with DigitalOcean DNS extension on Plesk

As a customer-friendly hosting panel, Plesk’s entire architecture and ecosystem are strategically designed to streamline and simplify things for customers. Besides the availability of extensions, the menu empowers clients to self-manage various backend and front-end aspects of their website. One of the very useful extensions in this list is the DigitalOcean DNS extension. In this tutorial, we will learn how to configure an external DNS server quickly and safely with Plesk.

There are good chances that, as a genuine netizen, Domain Name Service shouldn’t be an alien word for you. But sharing more knowledge never hurts. So, let’s dig deeper into this before coming to the main topic.

DNS described in simple language

Think of DNS as a translator between you and the computer. DNS or Domain Name Server converts the simple English names like www.google.com into “computer language” of numerical codes.

This process of changing general domain names into computer language is called Resolving. The entity/agent that obtains the IP address by communicating with other servers is called DNS resolver. Loaded with sophisticated capabilities, Plesk can work as a reliable and competent DNS resolver.

Here is the USPs of Plesk as a DNS server resolver

  • It can act as a backup server
  • Quick and direct translation services
  • Facility to handle translation services on a remote server

How does DNS work?

A specific storage space containing specific domain addresses either in a file or an authorized server is called domain zones. There are two types of DNS servers – Root DNS servers and secondary DNS servers, commonly known as lower-level DNS servers.

Root DNS servers refer to a hierarchically arranged global storage system containing the entire DNS database and corresponding IP addresses for all domain names. When the requesting browser attempts to access, say www.myexample.com it requests the authorized server to get the corresponding IP address.

Next level DNS servers store partial DNS databases. These servers are owned by business entities or ISPs who have registered their computers on the DNS system. They run the DNS server software to initiate and manage the DNS resolution process. Each DNS server comes with a public IP as well as vital databases of other hosts including their network names and addresses.

The visitor enters the desired domain name in the address bar and hits enter. It initiates the communication between visitors’ system and DNS server. Acting as a DNS client the web browser requests DNS data from a DNS server which is run by the user’s Internet service provider. Acting on the request the server looks into the internal DNS database to find a matching IP address.

In case if the server fails to find the match it forwards the request to another secondary DNS server in the network. If the matching IP is not found there the request is then escalated to the root server containing the global DNS database. After getting the domain name and corresponding IP the data is returned to the web browser through the route of DNS network. This is known as forward DNS. There is another process known as reverse DNS but that is beyond the scope of this article. You can read about it here.

Delegating DNS zone responsibilities

As a domain name client, you can either allow your registrar to handle the DNS zone responsibilities or delegate it to Plesk. The latter option enables you to self manage your domain zone through your Plesk interface.

Just like most of us techies, DNS is also a multi-tasker. Along with translating domain names into IP addresses, it also delivers other vital data like information related to mail domain, IP validity status, etc.

Configure an external DNS server quickly and safely with Plesk

By default the Plesk works as a master DNS server for the hosted website, i.e., other DNS servers can directly transfer their zones file from it. You also have the option to use the third party DNS servers. In this guide, we present the step by step instructions on how to install a digital ocean DNS extension on Plesk.

  • Go to the Plesk Extensions Catalog.
  • Search for DigitalOcean DNS and click “Install on my server”
  • Open the extension.
  • It opens the page presenting two options for installation namely “0Auth Authentication” and “API token”

configure an external DNS server quickly and safely with Plesk - Plesk

Setting up your DigitalOcean DNS using Plesk Extension with API Token

Click on “API Token.” You would be prompted to enter a token. To generate the token, log into your digital ocean account and click API (left bottom). Click on “Generate a new token”. Enter your desired token name in the resultant dialogue box and click the button below it. You would see the details of the generated token. Copy the code.

Next, go to the Plesk tab, paste code in the box, and click the button below it. On the next screen, you can confirm that the digital ocean extensions have been connected. Click on the option “Activate all” and the extension will be active on all the connected domains.

#product and technology #tips and easy-reading #0auth authentication #api token #clouds #digitalocean #digitalocean dns #dns #dns servers #plesk extensions #tutorial

Vern  Greenholt

Vern Greenholt

1597820040

Secondary DNS — A faster, more resilient way to serve your DNS records

What is secondary DNS, and why is it important?

In DNS, nameservers are responsible for serving DNS records for a zone. How the DNS records populate into the nameservers differs based on the type of nameserver.

A primary server is a nameserver that manages a zone’s DNS records. This is where the zone file is maintained and where DNS records are added, removed, and modified. However, relying on one DNS server can be risky. What if that server goes down, or your DNS provider has an outage? If you run a storefront, then your customers would have to wait until your DNS server is back up to access your site. If your website were a brick and mortar store, this would be effectively like boarding up the door while customers are trying to get in.This type of outage can be very costly.

Now imagine you have another DNS server that has a replica of your DNS records. Wouldn’t it be great to have it as a back-up if your primary nameserver went down? Or better yet, what if both served your DNS records at all times— this could help decrease the latency of DNS requests, distribute the load between DNS servers, and add resiliency to your infrastructure! And that’s precisely what Secondary DNS nameservers were built for.

As businesses grow, they often scale their DNS infrastructure. We’re seeing more customers move away from two or three on-premise DNS servers to using a managed DNS provider to having multiple DNS vendors—all to increase redundancy against the possibility of a DDoS attack taking down one of their providers. Cloudflare has data centers in over 200 cities, all of which run our DNS software allowing our authoritative DNS customers to benefit from DNS lookups averaging around 11ms globally. So we decided to expand this functionality to customers who want to use more than one DNS provider, or for those that find it too complicated to move away from their on-premise DNS server.

#dns #analytics #secondary dns #data analytic

Wilford  Pagac

Wilford Pagac

1596848400

Critical DNS Bug Opens Windows Server to Infrastructure Takeover

Microsoft gives the ‘wormable’ flaw a security rating of 10 – the most severe warning possible.

A critical Microsoft Windows Server bug opens company networks to hackers, allowing them to potentially seize control of IT infrastructures. Microsoft issued a patch for the bug on Tuesday as part of its July Patch Tuesday roundup.

It turns out that the bug is 17 years old. Impacted are Windows Server versions from 2003-2019. The bug, found by researchers at Check Point, received a severity warning of 10 – the highest allowed. Most concerning to researchers however is that the bug is wormable, meaning a single exploit of the flaw can trigger a chain reaction that allows attacks to spread from one computer to another.

“[The] security flaw would enable a hacker to craft malicious DNS queries to the Windows DNS server, and achieve arbitrary code execution that could lead to the breach of the entire infrastructure,” according to Check Point researcher Sagi Tzaik, who is credited for finding the flaw.

Microsoft released a patch for the vulnerability, identified as CVE-2020-1350, and urged customers to prioritize an update to their systems. Check Point is calling the bug SigRed – a nod to the vulnerable DNS component and function “dns.exe”.

A hacker can gain Domain Administrator rights over the server, “enabling the hacker to intercept and manipulate users’ emails and network traffic, make services unavailable, harvest users’ credentials and more. In effect, the hacker could seize complete control of a corporation’s IT,” researchers wrote, in a technical analysis of the bug, posted Tuesday.

**Patching Is an Imperative     **

Upping the chance for exploitation by a hacker is the relatively simple prerequisites needed to exploit the vulnerability. “The likelihood of this vulnerability being exploited is high, as we internally found all of the primitives required to exploit this bug, which means a determined hacker could also find the same resources,” researchers noted.

“This issue results from a flaw in Microsoft’s DNS server role implementation and affects all Windows Server versions. Non-Microsoft DNS Servers are not affected,” Microsoft wrote in a post Tuesday. “While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible.”

Mechele Gruhn, principal security PM manager at the Microsoft Security Response Center, noted that “if applying the update quickly is not practical, a registry-based workaround is available that does not require restarting the server. The update and the workaround are both detailed in CVE-2020-1350.”

“CVE-2020-1350, a wormable remote code execution vulnerability in Windows DNS Server, could very well be the most critical Windows vulnerability released this year, receiving a rare 10 out of 10 CVSS score,” Chris Hass, director of information security and research at Automox, told Threatpost.

“A wormable vulnerability like this is an attacker’s dream. An unauthenticated hacker could send specially crafted packets to the vulnerable Windows DNS Server to exploit the machine, allowing for arbitrary code to be run in the context of the local system account. Not only will the attacker have full control of the system, but they will also be able to leverage the server as a distribution point, allowing the attacker to spread malware between systems without any user interaction. This wormable capability adds a whole other layer of severity and impact, allowing malware authors to write ransomware similar to notable wormable malware such as Wannacry and NotPetya,” Hass said.

Exploiting a 17-Year-Old Bug

The flaw itself is an integer-overflow bug that can trigger a heap-based buffer overflow attack tied to the DNS module called dns.exe, which is responsible for answering DNS queries on Windows Servers.

By abusing the dns.exe module, two attack surfaces were created by researchers. One is a “bug in the way the DNS server parses an incoming query.” And the second is “a bug in the way the DNS server parses a response (answer) for a forwarded query.”

The attack requires researchers to first force a Windows DNS Server to parse responses from a malicious DNS NameServer. This employs the dns.exe module, which parses all supported response types. One of those supported response types is for a Secure Internet Access (SIG) query called SIG(O). Researchers focused their attention on creating a request that exceeded the maximum size request of 65,535 bytes, and causing the overflow. By using compressed data, researcher were able to create a successful crash.

“Although it seems that we crashed because we were trying to write values to unmapped memory, the heap can be shaped in a way that allows us to overwrite some meaningful values,” they wrote.

This local attack then was replicated remotely, by “smuggling DNS inside HTTP” requests on Microsoft Explorer and Microsoft Edge browsers (Google Chrome and Firefox are not vulnerable to this type of attack). Because DNS can be transported over TCP — and Windows DNS Server supports this connection type – researchers were able to craft a HTTP payload.

“Even though this is an HTTP payload, sending it to our target DNS server on port 53 causes the Windows DNS Server to interpret this payload as if it was a DNS query,” they wrote. Researchers were able to circumvent HTTP protections against similar malicious HTTP payloads by “smuggling” DNS query data inside the POST data located in the HTTP request.

Chromium-class browsers (Google Chrome and Mozilla Firefox) do not allow HTTP requests to port 53, therefore the bug can only be exploited Internet Explorer and Microsoft Edge.

“Successful exploitation of this vulnerability would have a severe impact, as you can often find unpatched Windows Domain environments, especially Domain Controllers. In addition, some internet service providers (ISPs) may even have set up their public DNS servers as WinDNS,” Check Point wrote.

#vulnerabilities #web security #critical vulnerability #cve-2020-1350 #dns #dns nameserver #dns.exe #domain administrator #http request #july patch tuesday #microsoft patch #microsoft security response center #security bug #sigred #windns #windows server #wormable