Lockedsimpledns - how does HC comminucate with simpledns

Page: 12 > Showing page 1 of 2
Author
agermose
Senior Member
2009/10/30 07:36:48 (permalink)

simpledns - how does HC comminucate with simpledns

how should simpledns be setup, by what way does HC communicate with simpledns?
#1

15 Replies Related Threads

    patrick
    Premium Member
    Re:simpledns - how does HC comminucate with simpledns 2009/10/30 11:07:19 (permalink)
    I am using simple Dns Plus 5.1 with HC8 and it works good. What kind of setup instructions you looking for ?
    #2
    agermose
    Senior Member
    Re:simpledns - how does HC comminucate with simpledns 2009/10/31 00:36:46 (permalink)
    a secure one :) we are also running it and HC set it up, but im surprised to see that there is no password set for the API access and no option to do so in HC8 admin. So Im sort of hoping that its not using API and not just one of the many security issues/bugs/design issues we have found already in our 3 weeks with HC8
    #3
    Tahir
    HC Staff
    Re:simpledns - how does HC comminucate with simpledns 2009/11/01 23:45:13 (permalink)
    There is no special setting require to use simple Dns with HC panel, all you will need to provide Zone data directory in DNS manager setting ( server manager---Edit Server ).

    Incase if there any additional setting in simple dns for security purpose then check in the dns server directory or consult for additional info on simple dns forum.
    #4
    agermose
    Senior Member
    Re:simpledns - how does HC comminucate with simpledns 2009/11/02 08:37:02 (permalink)
    ok, so HC is not actually using the simpledns api but writing the zonefiles directly to disk? So I can close the API access then.
    #5
    Tahir
    HC Staff
    Re:simpledns - how does HC comminucate with simpledns 2009/11/02 20:18:03 (permalink)
    It is obvious that HC communicate with 3rd party applications using their API. That's include simple dns too.
    #6
    agermose
    Senior Member
    Re:simpledns - how does HC comminucate with simpledns 2009/11/02 22:50:51 (permalink)
    sorry, its just Im so bad a english it seams. I was sure that the first comment was "no we are not using API we just write to the data dir of SIMPLEDNS" and now the comment is "yes of cause what a stupid question".

    Its a very nice idea to sign comments not as "HC Tech" only but maybe with a name also so we know how we are talking to.

    Anyway, since you ofcause use API then maybe it would be a good idea to at least use a password and not just leave the dns server wide open to the world?
    #7
    Tahir
    HC Staff
    Re:simpledns - how does HC comminucate with simpledns 2009/11/02 22:59:03 (permalink)
    Not sure why you assume that we don't use Api for simple Dns, after all it is very clear that all 3rd party softwares could only be integrated in a application using API.


    Anyway, since you ofcause use API then maybe it would be a good idea to at least use a password and not just leave the dns server wide open to the world?


    Not sure why you are asking about password protected Dns setting in HC panel. Maybe you should explain it in detail
    #8
    agermose
    Senior Member
    Re:simpledns - how does HC comminucate with simpledns 2009/11/02 23:06:17 (permalink)
    hi

    well, I dont actually assume anything, thats why I was asking - do HC8 use API? Because if it does it think its very strange that HC8 leaves the DNS api access wide open because its not setting the password to use for communicating with simpledns anywhere. And looking at the simpledns config its also setup without password.

    so I asked - is HC8 using api? And the first awnser looked like it was saying "no, we write to the datadir" so I asked again to be clear "so you are NOT using API?"

    ok, its clear from what you are writing HC8 is using API.

    Next question is then: why is it running without any password protection? My simpledns, setup by HC is running without a password set for API communication and I dont see where to change this in HC - I know where to change this in simpledns.
    #9
    Tahir
    HC Staff
    Re:simpledns - how does HC comminucate with simpledns 2009/11/02 23:20:01 (permalink)

    Next question is then: why is it running without any password protection? My simpledns, setup by HC is running without a password set for API communication and I dont see where to change this in HC - I know where to change this in simpledns.


    If different applications communicate with each other via API this doesn't mean it is wide open for security breach.
    We have same implementation not only for simple dns but other applications too but never heard such query from other HC customers.
    #10
    agermose
    Senior Member
    Re:simpledns - how does HC comminucate with simpledns 2009/11/02 23:41:11 (permalink)
    as for the last part: no customers have complained or asked :) thats the 2. time I hear that from HC - it does not actually mean there is no problem - just that nobody cared to check.

    that they did not care to check simply rely on the fact, I think, that they are expecting HC to deliver a secure setup - maybe they dont even know better, but Im guessing most simply rely on the system they paid you to deliver.

    anyway, its not really a question of did our customers complain or not. Its simply a question of what are you actually doing or not doing.

    in simpledns you are free to use ALL api calls, including add/update/delete, as long as you know the username (always admin) and the password. Since it seams that HC does not use the password, in my world this means that simpledns is wide open to do what every you want.

    the "wide open" does not come from using API ofcause - it comes from not using any of the security features but actually disabling any security.


    #11
    Tahir
    HC Staff
    Re:simpledns - how does HC comminucate with simpledns 2009/11/03 01:38:08 (permalink)
    First of all I would clear one thing that these applications (HC & simple Dns)  API is not word wide open. Even a Host can't do anything with it.
    Dns function calls embedded in HC code, and it is not open for anyone.

    As far as user concern, a end level user can only modify/update dns zone for his website, but can't do any action on other user zones.

    Regarding password protection, We are unable to find any instructions in simple Dns API which allows password protection. But if you have used their API and that instructions included in it then kindly show it to us. Which later I will forward to concern department.
    #12
    agermose
    Senior Member
    Re:simpledns - how does HC comminucate with simpledns 2009/11/03 02:10:25 (permalink)
    ok, maybe there is some misunderstand here :)

    Im starting to suspect that we are not talking about the same API - I hope there is more than one :)

    In simpledns admin you go to the api section and there you can create a password and say if the api should be enabled or not. If enabled you can call http://mysimplednsserver.com/listzones and stuff like this for updating, deleteing, listning and so on.

    If you enable a password, then you need this of cause - if not you can do this from any server that has access through the firewall and of cause from localhost. Since HC is installed on one of the webservers at least from this server there needs to be access to calling URLs like this - if we are talking about the samme kind of API access.

    so probably using the HC webadmin pages everything is ok, BUT the problem is that any other site on the same server will have access to the same API without any password protection. Wide open.

    what ever you have codein IN the HC code is not my concern (in this thread anyway), just that the http api of simple dns is left wide open for others to call and exploid from any other script on any other website on this server.

    (I never really understod why You needed to install HC on the webserver instead of installing it on the DNS server and dedicating this server as a "hc admin" server - again making a small contrib to security - keeping things apart)
    #13
    Tahir
    HC Staff
    Re:simpledns - how does HC comminucate with simpledns 2009/11/04 00:58:15 (permalink)

    In simpledns admin you go to the api section and there you can create a password and say if the api should be enabled or not. If enabled you can call http://mysimplednsserver.com/listzones and stuff like this for updating, deleteing, listning and so on.


    If this  require only one time at host level setting in simple Dns then you should enable this protection from there.

    Incase password protection require for every user website zone then I can consult with concern department.
    #14
    agermose
    Senior Member
    Re:simpledns - how does HC comminucate with simpledns 2009/11/04 01:02:41 (permalink)
    I did not understand a word of what you are trying to write, sorry.
    #15
    Page: 12 > Showing page 1 of 2
    Jump to: