DNS Doctoring

DNS Doctoring is a very useful tool, if your firewall supports it. It does pretty much what the title says: it "doctors" the responses of DNS. I use it a lot in my existing infrastructure using my Cisco ASA firewalls. Recently, we are migrating away from Cisco ASA, and I needed to know how to perform DNS Doctoring on Juniper SRXs. Google to the rescue. While Juniper does an 'ok' job documenting this, in my searches, I ran across this blog post from Bart Jansens, where he gave his opinions about DNS Doctoring on a Juniper SRX. The author made this comment, which I do not necessarily agr...

GoDaddy Jump Ship

GoDaddy has truly caused their own problems with their support of the SOPA bill. After declaring support, they lost approx 40,000 domains, and the number could be as high as 70,000 domains according to Time.com. Personally, I received a call on Tuesday from GoDaddy customer service, the first time in 3 years, asking me if I'm happy with the service. I asked him if the call had anything to do with the 40,000 domains that jumped ship. Of course, he could not say. Since then, GoDaddy has removed their support of SOPA, but it's too late for many. Just by d...

The ASA version of PIX ‘alias’ command

I finally figured out, albeit late, how to do the old "PIX" 'alias' command on a Cisco ASA. For those who remember, the 'ALIAS' command would basically do a DNS rewrite. If you have a webserver on your DMZ with a static IP on an outside address, your internal users wouldn't be able to access it. DNS would return your outside IP, but because that address is on the outside interface and your users are coming in on an inside interface, they wouldn't be able to reach it. So, you would use the 'alias' command to basically tell the PIX to "rewrite" the DNS response address to the DMZ add...