Chris Henderson wrote:
> I am testing the recent DNS vulnerability against my secondary name server
> from my local machine
> ("dig @ +short TXT" and also
> "nslookup -querytype=TXT -timeout=10")
> But strangely it is giving me the result of my primary name server! Every time
> I try to query, it gives me back my primary name server's result. I also tried
> and
> My local machine's /etc/resolv.conf has only one nameserver entry - my
> secondary name server.
> Also, if I try to resolve a hostname I can query my secondary name server and
> get the answer back. So I know my secondary name server is working.
> Does anyone know how can I test the vuln. against my secondary name server?

Well, what's the config of your so-called "secondary nameserver"?

Does it just forward to the "primary"?

If so, then that's where the queries will be seen to originate, by the
vulnerability-testing tools.

Another possibility is that you have a NAPT device multiplexing both
your "primary" and "secondary" nameservers into single address. Since it
would need to use different port numbers to accomplish this, the exact
implementation/configuration details of the NAPT would have an effect on
whether you get a "good" or "ok" result from the vulnerability-testing

- Kevin