Question

DNS lookup for canarytokens.com fails

Posted August 28, 2020 730 views
DNS

I’m trying to use CanaryTokens in one of my servers. The token kept failing to work on the droplet but worked everywhere else. I found that running “nslookup canarytokens.com” on the server failed:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:     127.0.0.53
Address:    127.0.0.53#53

** server can't find canarytokens.com: SERVFAIL

So I tried https://www.digitalocean.com/community/tools/dns and it also fails but the domain exists.

Can you please take a look? Thanks in advance.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
2 answers

Hi there @ghecho,

As far as I can see something looks off with your nameservers:

https://www.whatsmydns.net/#NS/canarytokens.com

When did you last change your nameservers? Note that it might take up to 24-48 hours after a DNS change for the DNS cache to clear over the Globe.

Regards,
Bobby

  • I don’t own that domain, it’s a service from Thinkst Canary. I’ll try to contact them and see if they have more info about the issue.

    Thanks

Hi,
At the moment you can apply a workaround for this problem by adding a line in /etc/hosts file.

52.18.63.80 canarytokens.com

Next, try to set up a Canary Token. But bear in mind that their server IP may be changed in process of time, so you must control it from time to time.

  • Thank you, I think I will investigate further and try to get the root issue solved because of the exact problem you mention, that I don’t want to have to monitor the DNS changes manually.