Mail in a box of DNS server

Hay so uh the mail in a box DNS server is vulnerable to amplification attacks what should I do about that or how will that be fixed

I don’t understand the screenshot - pretty much any DNS server would respond in the way described in the sscreenshot. Can you be more specific?

I am unable to repeat your results:

$ host
Using domain server:

Host not found: 5(REFUSED)

(Note I am on Linux, which if I understand it correctly host is the equivalent to Windows nslookup.)

I get the same result using my own MiaB as well as the one for the domain in the image.

Normally it shouldn’t be responding it should only be responding with the ones that it’s serving not others unless you’re running like a public DNS server that’s supposed to serve people’s dns’s

I have not been able to reproduce this either. In all cases, I get a REFUSED when attempting to query your MiaB DNS server for as should be.

Perhaps you did an incorrect lookup? I am not familiar with the syntax of Windows ‘command line’… however, entering the same on a Ubuntu command line will return the correct DNS lookup for You may have missed a very important bit of syntax. Again though, I do not know the correct syntax for Windows.

For Ubuntu: dig

Same here, can’t reproduce. dns lookups are denied

Server:  UnKnown
Address:  116.203.235.<XXX>

*** UnKnown can't find Query refused

Server:  UnKnown
Address:  116.203.235.<XXX>

*** UnKnown can't find Query refused

Aren’t amplification attacks a problem of recursive domain name servers? If I understand the configuration of MIAB correctly, nsd4 faces externally and this is a non-recursive server. Bind9 is used to internally to provide a recursive server. Among other things, shouldn’t this ameliorate the attack type you mention?

I am by no means an expert in this area so please don’t take this as gospel but merely a suggested line of research to understand whether there is a potential problem.


I think It was just windows? but Linux does what you say

ok i know why its doing it its because my isp is having it use its own dns when the dns the pc uses does not give its info

Nevermind it’s doing it again I’m sshed into my Linux server and it’s doing it again so this is more than likely not a Windows issue

Is this the MiaB server, or a different server?

I did it on 2 of my VPSs 1 is the MiaB VPS and 1 on my windows PC

When I run host I get the same result of REFUSED, no matter what MiaB install I run the test with.

You problem seems local as nobody has discovered the same problem with any MiaB install.

In fact, while logged into my MiaB, which is, I get the REFUSED response.

can i pm you the info?

I feel like it would be a bad idea to post it here as it has my servers IPs

Solved in PMs thanks for the great help