Custom Query (138 matches)

From a login on bbn-hn, i see:

bbn-hn,[~],13:39(0)$ nslookup
> server
Default server: 152.54.1.66
Address: 152.54.1.66#53
Default server: 192.1.249.10
Address: 192.1.249.10#53
> 8052.bbn.xo
Server:         152.54.1.66
Address:        152.54.1.66#53

** server can't find 8052.bbn.xo: NXDOMAIN
> 8064.bbn.xo
Server:         152.54.1.66
Address:        152.54.1.66#53

** server can't find 8064.bbn.xo: NXDOMAIN
> 192.168.103.2
Server:         152.54.1.66
Address:        152.54.1.66#53

** server can't find 2.103.168.192.in-addr.arpa.: NXDOMAIN
> 192.168.103.4
Server:         152.54.1.66
Address:        152.54.1.66#53

** server can't find 4.103.168.192.in-addr.arpa.: NXDOMAIN
> 

Based on Wednesday's call, i believe the DNS server at 152.54.1.66 should be serving records for things in bbn.xo (vlan 1006), so i think this is a bug.

Per Wednesday's call, the IP addresses which are used for the iSCSI array should be in /etc/hosts with .iscsi suffixes. That file contains:

##
## iSCSI - VLAN 1009
##
10.102.0.1              bbn-hn.iscsi
10.102.0.11             bbn-w1.iscsi
10.102.0.12             bbn-w2.iscsi
10.102.0.13             bbn-w3.iscsi
10.102.0.14             bbn-w4.iscsi

but does not contain the IP(s) for the interface(s) on the iSCSI itself. I think the iSCSI protocol in fact uses IP addresses on both ends, so there is an IP address on the iSCSI itself, and it should be recorded.

The publically-accessible node bbn-hn allows password-based SSH login. Explain how the node is protected against password-guessing attacks. GPO will verify that the specified mechanism works before closing the ticket.