nanog mailing list archives
Re: DNS Blocking
From: "Dan Mahoney, System Admin" <danm () prime gushi org>
Date: Thu, 19 Aug 2004 15:19:32 -0400 (EDT)
On Thu, 19 Aug 2004, Paul Vixie wrote:
danm () prime gushi org ("Dan Mahoney, System Admin") writes:What I was basically asking for was a "silently drop queries for X-domain" option. But one doesn't exist in bind.take a look at www.as112.net to see what happens to queries for 10.in-addr.arpa and its brothers. you can easily set up a zone that will just confuse and make errors for whoever queries it: @ SOA localhost hostmaster.localhost NS localhost localhost A 127.0.0.1 * MX 0 localhost A 127.0.0.1 (the specific name "localhost" is nec'y because glue searches aren't required to find wildcards.) if you put a zone like that in place on a server that's receiving unwanted queries for some zone, they will soon stop, or not. you win either way -- the queries stop, or you laugh your ass off.
There weren't rfc1918. -Dan
-- Paul Vixie
-- Amerikanskaya firma Transceptor Technology pristupila k poizvodstu komputerov "Personal'ni Sputnik" --Snap, "The Power" --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---------------------------
Current thread:
- DNS Blocking Dan Mahoney, System Admin (Aug 19)
- Re: DNS Blocking Paul Vixie (Aug 19)
- Re: DNS Blocking Dan Mahoney, System Admin (Aug 19)
- Re: DNS Blocking Duane Wessels (Aug 19)
- Re: DNS Blocking Paul Vixie (Aug 19)
- Re: DNS Blocking Mike Lewinski (Aug 19)
- Re: DNS Blocking Suresh Ramasubramanian (Aug 19)
- Re: DNS Blocking Paul Vixie (Aug 19)
- Re: DNS Blocking Dan Mahoney, System Admin (Aug 19)
- Re: DNS Blocking Paul Vixie (Aug 19)