Forwarded message:
>From net-troubleshooting@aggroup.com Mon Jul 7 10:43:29 1997
>X-POP3-Rcpt: ntrouble@aggroup
>Delivery-Date: Mon, 07 Jul 97 07:29:42 -0700
>Message-Id: <33C0C657.2071@acrcorp.com>
>Date: Mon, 07 Jul 1997 10:35:07 +0000
>From: Matt Leo <Matt@acrcorp.com>
>Reply-To: Matt@acrcorp.com
>Organization: Advanced Computer Resources
>X-Mailer: Mozilla 3.0Gold (Macintosh; I; PPC)
>Mime-Version: 1.0
>To: Net-Troubleshooting <Net-Troubleshooting@aggroup.com>
>Subject: Solution to MacDNS problem (keywords MacDNS DNS Macintosh firewall)
>Content-Type: text/plain; charset=us-ascii
>Content-Transfer-Encoding: 7bit
>Precedence: Bulk
>
>Earlier I posted a problem about MacDNS crashing on a 6100/66. We went
>through several machines and O/S upgrades to no avail.
>
>I have since solved the problem, and I am posting the solution here.
>
>The problem turned out to be that the firewall was sending DNS requests
>at a sufficiently high rate to crash MacDNS. Among other things, the
>firewall attempted to resolve the inverse domain name of every URL
>requested by users. This could amount to bursts of several DNS requests
>per second over several seconds.
>
>This may have possibly resulted in some buffer in either the MacOS or
>MacDNS being overrun (Warning: this might be used for a D.O.S. attack on
>sites using MacDNS) and a subsequent O/S crash. This problem may or may
>not apply to other Mac based DNS products.
>
>The solution is to reconfigure the bastion host to use its own name
>resolver. However, this may expose some internal DNS information to the
>outside world; we are considering using packet filtering to address
>this problem.
>
>
>
-- Dan Brown dbrown@seismo.css.gov