2 years, 7 months ago
На этой неделе вся доменная индустрия шумела по поводу покупки доменного портфеля MostWantedDomains, который приобрёл ведущий регистратор GoDaddy за неизвестную сумму. В пакет вошли около 70,000 имён старого разлива (без взрослой тематики и без новых зон) с жемчужинами класса 373.com, faculty.com, carauctions.com, ibill.com, bikerentals.com, kitchenchef.com и т.п.
Обе стороны договорились не разглашать условия контракта. Возможно, в будущем, кто-то с соколиным глазом сможет вычислить сумму на чеке с финансовых отчётов. Но кому интересно сегодня, по катом представлено руководство по оценке подобных виртуальных активов с возможными аргументами, которые можно использовать при торгах.
2 years, 7 months ago
In spite of the fact that almost everywhere we use domain names instead of IP addresses, tools for monitoring and control of a network traffic as a rule operate with IP addresses. Permission of names in general (and DNS in particular) is used quite conditionally.
It is connected with some features of work of DNS — the result of permission of a name in the address can quickly turn sour, the following request can return other address, results can differ depending on geography and the provider requesting.
Whether it is possible to have an actual look-up table of names and addresses for small networks? What domains were requested by users and what received IP addresses? With some clauses — yes.
2 years, 8 months ago
In this article the real method of receipt of the certificate from Let's Encrypt in the manual mode for its further installation on the Windows Web server (IIS/Microsoft Azure) or Linux (completely manual mode) will be described. Because of the absence of the official client under Windows for generation of the certificate the Linux distribution kit will be used.
Background: from the very beginning for the website of our Moscow company (according to the link the test beta certificate of Let's Encrypt is already set) the "simple" SSL certificate was necessary for confirmation of the domain and data encryption.
In the first opening days of requests for beta testing the decision to register was also made and recently the letter which reports that now the ACME program will generate the valid certificate for our domain came:
Further we decided to publish article with the step-by-step instruction of process that by the time of release you could already quickly create and begin to use the certificate.
2 years, 8 months ago
I want to pay your attention to an important, in my opinion, problem which neglect even the largest and innovation companies of the world. The problem consists in absence at the majority of domains of SPF record which protects the domain from its unauthorized use in e-mail. SPF (Sender Policy Framework) is text record in SPF and/or TXT records for the domain in DNS. Record contains information on the list of servers which have the right to send letters on behalf of this domain and the mechanism of processing of the letters sent from other servers. For example, SPF record "example.com. TXT "v=spf1 +a +mx-all"" says that the servers specified in A and MX records of this domain can send letters on behalf of the example.com domain, and the letters sent from other servers have to be deleted (Fail).
The increase in number of Internet users in developing countries involves need of development of the corresponding infrastructure, including DNS servers.
For the last some years the geography of the root DNS servers was significantly expanded. Still quite recently working nodes of root servers have been generally concentrated in Europe and the USA, today they appear in the countries of Asia, Africa, South America. This year one of nodes of the K-Root server has been set even in Iran from which up to the end western sanctions are still not removed.
The question of expansion of root DNS system is actual and for Russia. Certain contribution to its solution managed to be made also to us: in August of this year one of nodes of the root K-Root DNS server has been placed with us. In this article we will tell about its architecture and about participation in competition on its placement.
2 years, 9 months ago
In the article I want to present to dear habroobshchestvo practical guidance on assembly, setup and commissioning of the inexpensive and economic server on the Intel Atom platform and Centos 7 OS. This work does not apply for the full and exhaustive textbook and is expected more likely beginners, than professionals. If the person, before in eyes Linux which was not seeing is able to configure the first server by means of this article, I will consider the task executed.
The first part of article (small on volume) is devoted to hardware component, and the second, main part — to detailed process description of setup on this equipment of Centos 7 system. To whom it is interesting, I ask under kat.
In the course of setup of clients of service AD under control of Ubuntu Linux OS, I have faced untimely updating of records on the DNS server means of Samba, and also incorrect work of the "net ads dns register" team. That causes sopustvuyushchy problems during the work with domain computers.
For example, availability of two DNS servers in dhclient.conf leads to emergence of the error "ERROR_DNS_GSS_ERROR" after execution "net ads dns register - P".
In search of solution of this problem I have re-read many articles and bug contango, and have come across the article "The Safe Dynamic DNS Updating of Records in Windows the Domain from Linux (GSS-TSIG)". The idea has seemed to me interesting. But I had not liked solution with creation of the separate user account of the domain which has the rights for change of all records of DNS zone. First, it is potentially unsafe. Secondly, in Windows already exist ready solution: each computer login account has the right to change the record to DNS. Why not to use it?
I have taken learn-address.sh script from Warlock_ua as basis, and have finished it taking into account the needs. And here that has turned out.
2 years, 11 months ago
All hi. In this article I would like to talk how it is possible to adjude domain name at cybersquatters. It will be a question of the archlinux.ru domain. The main problem that the court needs to provide the proof of infringement of exclusive rights. But I am not any organization or SP, I simply make the contribution to development of the project. It seems to me that thus I have certain rights which I can protect.
I have as much as possible in detail studied question of domain disputes and have started studying the legislative moments on which I will lean. But I need still the small help / consultation of the people understanding in these questions.
Clear business that "on peace" nobody is going to give the domain. About repayment too there cannot be speech as they ask fantastic sum: from 1000 euros. Even if they would ask 1000 rubles, I still would think, after all there is no wish to support their business. It is possible of course to try to talk to the administrator, having told that specifically no company for millions will buy this domain from it, community too, and it will get only red tape with vessels. But before it I would like to be supported legally.
Readdressing the client at request of the "advertising" domain, for example, on loopback (127.0.0.1 — 127.255.255.255), instead of a kotent of advertizing the client will receive fertile "nothing" (certainly provided that the local Web server which listens lokalkhost does not work for us). The filtering mechanism quite old is also not deprived of shortcomings. For example, it is impossible to specify masks of hosts (*.ad-domain.tld) or "to cut" advertizing which banners are hosted on required resources. But it is not attached to some or to the protocol and is quite easy-to-work. Moreover, if to use it, for example, on house or office router which is used as the DNS server advertizing will successfully be cut on all gadgets where IP of our piece of iron is prescribed the first as the DNS server.
But what if at us instead of a router with a custom firmware MikroTik (RouterOS) which functionality imposes some restrictions is used …? Under a cat you learn how it was succeeded "to convert" successfully the file of hosts in a format, suitable for it, how to automate this business and that for habralyudy as a bonus small service just for automation of this process was created (small, absolutely free and with open source codes).
I sat and thought, the TV Samsung, WinPhone, (and afterwards the coffee maker and the vacuum cleaner can) show superimportunate advertizing, it is necessary chtoto to do with it, both times in WinPhone and the TV (the coffee maker, the vacuum cleaner) of plug-in of AdBlock are not present, it has to be there where their traffic, on router goes.