× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. December 2008

RES: RES: DNS on IBM i (Was Re: DHCP on the AS/400)

Rob,

You can find further details here:
http://www.kb.cert.org/vuls/id/800113

Regards,

Rubens

-----Mensagem original-----
De: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx]
Em nome de rob@xxxxxxxxx
Enviada em: quinta-feira, 11 de dezembro de 2008 17:44
Para: Midrange Systems Technical Discussion
Assunto: Re: RES: DNS on IBM i (Was Re: DHCP on the AS/400)

Interesting. We had IBM do benevolent hacking on us and IBM started arguing
with IBM over what bind level was required. IBM i finally agreed to up the
bind level awhile back. Haven't heard anything about this poisoning. And,
the i based dns is what the outside world hits. It's the dns in our dmz.
This weekend is one of our scheduled downtimes and yes we'll be dead during
that time.

Rob Berendt
--
Group Dekko Services, LLC
Dept 01.073
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From:
"Rubens Lehmann" <rubens@xxxxxxxxxxxxx>
To:
"'Midrange Systems Technical Discussion'" <midrange-l@xxxxxxxxxxxx>
Date:
12/11/2008 02:37 PM
Subject:
RES: DNS on IBM i (Was Re: DHCP on the AS/400)
Sent by:
midrange-l-bounces@xxxxxxxxxxxx



Hello,

I've received an alert from CERT.br stating we had cache poisoning
vulnerability, since then we've moved to third party servers and
restricted
DNS on IBM i.

We've found other indirect related problems on DNS on IBM i, port 53 is
blocked by some firewalls to prevent poisoning attacks, but by doing that
their addresses can't be resolved.

We've had several e-mails returned with "host name unknown" until that
cause
was found.

If you have other options better don't use it, fixes are planned only for
next year.

Regards,

Rubens





-----Mensagem original-----
De: midrange-l-bounces@xxxxxxxxxxxx [
mailto:midrange-l-bounces@xxxxxxxxxxxx]
Em nome de tkreimer@xxxxxxxxxxxxxxx
Enviada em: quinta-feira, 11 de dezembro de 2008 16:52
Para: Midrange Systems Technical Discussion
Assunto: Re: DNS on IBM i (Was Re: DHCP on the AS/400)

Ack, called to the field without my gear on...
I left the system that used DNS on the 400 several years ago, but to my
biggest beef was with the GUI did not work well (no specifics, sorry). I
also gave up on getting dynamic updates to work. Another issue was that to
make changes to a dynamic zone, I had to end the service for that zone,
make
changes and restart it. There was also a bug (eventually fixed by a PTF I
think) that caused DNS to continually not autostart, causing network
outages
after an IPL. . No opinion on editing the text files, it never occurred to
me to try it, at the time. Just not a positive experience, especially
compared to using DNS on W2K. My opinion anyway, I hope it does work for
everyone else.
===============================================
Tom Kreimer
Network Manager
Buckhorn Inc, Milford OH


Tom,

What do you find difficult about DNS on i? The GUI is very nice for
setting up or maintaining the thing. If you don't like that simply edit
the
text files in the IFS the way Unix propellerheads do as it's simply BIND
under the covers. It's easy to set up primary secondary relationships.
You
can run multiple servers on the same machine. It does forwarding, logging,
static and dynamic updates etc. It even works as the

DNS server in an active directory environment.

- Larry

Larry Bolhuis IBM Certified Advanced Technical Expert -
System i Solutions
Vice President IBM Certified Systems Expert:
Arbor Solutions, Inc. System i Technical Design and
Implementation V6R1
If you can read this, thank a teacher....and since it's in English,
thank
a soldier.





tkreimer@xxxxxxxxxxxxxxx
Sent by: midrange-l-bounces@xxxxxxxxxxxx
12/11/2008 11:24 AM
Please respond to
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>


To
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
cc

Subject
Re: DHCP on the AS/400






This is one of the few programs without green-screen parity. You will have



to use OpsNav/iSeriers Navigator/whatever to configure it.
You can use CHGDCPA to set it to autostart, but that is about it.
I haven't used it, but I hope it is easier to use than the AS/400 DNS
server.
===============================================
Tom Kreimer
Network Manager
Buckhorn Inc, Milford OH


Does anyone use DHCP on the AS/400? How is it configured? Can I turn it on



"out of the box" and expect it to work?

Thank,

Albert



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.