RAC Attack - Oracle Cluster Database at Home/RAC Attack 12c/Complete DNS Setup

  1. Open a session on collabn2.
  2. Stop the DNS service.
    [root@collabn2 ~]# service named stop
    Stopping named: .                                          [  OK  ]
    
  3. Remove the actual DNS files.
    [root@collabn2 ~]# rm -f /var/named/racattack /var/named/in-addr.arpa
    
  4. Modify the file /etc/named.conf by using the following command:
    sed -i -e 's/listen-on .*/listen-on port 53 { 192.168.78.52; };/' \
    -e 's/type master;/type slave;\n masters  {192.168.78.51; };/' \
    /etc/named.conf
    

    so that at the end it looks like this one:

    options {
           listen-on port 53 { 192.168.78.52; };
           listen-on-v6 port 53 { ::1; };
           directory       "/var/named";
           dump-file       "/var/named/data/cache_dump.db";
           statistics-file "/var/named/data/named_stats.txt";
           memstatistics-file "/var/named/data/named_mem_stats.txt";
           allow-query     { 192.168.78.0/24; localhost; };
           allow-transfer  { 192.168.78.0/24; };
           recursion yes;
    
           dnssec-enable yes;
           dnssec-validation yes;
           dnssec-lookaside auto;
    
           /* Path to ISC DLV key */
           bindkeys-file "/etc/named.iscdlv.key";
    
           managed-keys-directory "/var/named/dynamic";
    };
    
    logging {
           channel default_debug {
                   file "data/named.run";
                   severity dynamic;
           };
    };
    
    zone "." IN {
           type hint;
           file "named.ca";
    };
    
    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";
    
    zone "racattack" {
     type slave;
     masters  { 192.168.78.51; };
     file "racattack";
    };
    
    zone "in-addr.arpa" {
     type slave;
     masters  { 192.168.78.51; };
     file "in-addr.arpa";
    };
    
  5. Start the named service.
    [root@collabn2 ~]# service named start
     Starting named:                                            [  OK  ]
    
  6. Check that both the master on collabn1 and slave on collabn2 DNS servers are working.

    Run all the following statements to verify the correct configuration of both DNS servers:

    [root@collabn2 ~]# dig @collabn1 collabn1.racattack
    [root@collabn2 ~]# dig @collabn1 collabn2.racattack
    [root@collabn2 ~]# dig @collabn1 collabn1-vip.racattack
    [root@collabn2 ~]# dig @collabn1 collabn2-vip.racattack
    [root@collabn2 ~]# dig @collabn1 collabn1-priv.racattack
    [root@collabn2 ~]# dig @collabn1 collabn2-priv.racattack
    [root@collabn2 ~]# dig @collabn1 collabn-cluster-scan.racattack
    
    [root@collabn2 ~]# dig @collabn2 collabn1.racattack
    [root@collabn2 ~]# dig @collabn2 collabn2.racattack
    [root@collabn2 ~]# dig @collabn2 collabn1-vip.racattack
    [root@collabn2 ~]# dig @collabn2 collabn2-vip.racattack
    [root@collabn2 ~]# dig @collabn2 collabn1-priv.racattack
    [root@collabn2 ~]# dig @collabn2 collabn2-priv.racattack
    [root@collabn2 ~]# dig @collabn2 collabn-cluster-scan.racattack
    


Last modified on 26 September 2013, at 15:06