I’m trying to use CanaryTokens in one of my servers. The token kept failing to work on the droplet but worked everywhere else. I found that running “nslookup canarytokens.com” on the server failed:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:     127.0.0.53
Address:    127.0.0.53#53

** server can't find canarytokens.com: SERVFAIL

So I tried https://www.digitalocean.com/community/tools/dns and it also fails but the domain exists.

Can you please take a look? Thanks in advance.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers

Hi there @ghecho,

As far as I can see something looks off with your nameservers:

https://www.whatsmydns.net/#NS/canarytokens.com

When did you last change your nameservers? Note that it might take up to 24-48 hours after a DNS change for the DNS cache to clear over the Globe.

Regards,
Bobby

  • I don’t own that domain, it’s a service from Thinkst Canary. I’ll try to contact them and see if they have more info about the issue.

    Thanks

Hi,
At the moment you can apply a workaround for this problem by adding a line in /etc/hosts file.

52.18.63.80 canarytokens.com

Next, try to set up a Canary Token. But bear in mind that their server IP may be changed in process of time, so you must control it from time to time.

  • Thank you, I think I will investigate further and try to get the root issue solved because of the exact problem you mention, that I don’t want to have to monitor the DNS changes manually.

Submit an Answer