Poisoning & error messages question...

Carl Holtje lists at freeside.dnsalias.org
Fri Jul 8 13:25:34 UTC 2005


All-

I'm looking for a way to prevent certain names from being resolved on a
small home network (host files are too cumbersome to keep synchronized,
so a network-wide solution is a must). I've currently employed a technique
by which I pose as the authority of a DNS zone, and query a null zone
file.

This works, but resolves to a "valid" IP (it does not reference an actual
system, but DNS doesn't reflect that fact.. so a program will resolve to
this non-existent address, and then try to contact it). What I'd like is
for my BIND9 server to reply with something akin to a 'host not found'
error message, and stop the attempt cold.

Is it possible to do this? I was thinkin' instead of resolving to an
address, not resolve anything (by removing the A entry).. While this seems
like it would work, it also seems like a big hack..

Suggestions, ideas?

Thanks!

Carl
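
The idea raised in the message above, removing the A entry from the null zone, shown as an added example that is not part of the original post: a zone file holding only SOA and NS records, for which BIND 9 answers NXDOMAIN for any name below the zone apex and NOERROR with an empty answer for the apex itself. The zone name `blocked.example`, the file path and the `localhost.` names are placeholders chosen for illustration.

```dns
; db.null - shared zone file for every name that should not resolve.
; Referenced from named.conf once per blocked domain (placeholder name/path):
;
;   zone "blocked.example" {
;       type master;
;       file "/etc/bind/db.null";
;   };
;
; "@" expands to whichever zone loads this file, so one file serves all
; blocked zones.

$TTL 86400
@   IN  SOA localhost. root.localhost. (
            1        ; serial
            3600     ; refresh
            900      ; retry
            604800   ; expire
            86400 )  ; negative-cache TTL: how long clients cache the failure

@   IN  NS  localhost.

; Variant that resolves to an address (the behaviour described in the post):
; with either record present, lookups succeed and programs then try to
; connect to the address.
; @   IN  A   127.0.0.1
; *   IN  A   127.0.0.1
;
; With no A records at all:
;   www.blocked.example  A  -> NXDOMAIN         (name does not exist)
;   blocked.example      A  -> NOERROR, 0 answers (name exists, no address)
; Both cause the client's resolver to report a lookup failure instead of
; returning an address.
```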


