Blocking invalid DNS requests
Brad Knowles
brad.knowles at skynet.be
Wed Jun 27 20:20:41 UTC 2001
At 12:09 PM -0500 6/27/01, WEBMASTER wrote:
> How do I stop these requests at my DNS server, so that they don't
> get forwarded to the ROOT server? I can't keep the users from making
> these requests, and I find that allowing my DNS server to query WINS
> doesn't help either. I am running a port of BIND 8.2.x.
You should really fix the clients. However, that said, I believe
that there was some comments for a recent update of BIND 9 that would
refuse to forward queries to the root servers, if it obviously could
not be answered.
However, this would require that you upgrade the version of BIND
you're using, to at least 9.1.2-REL, or preferably the latest release
candidate for 9.1.3.
--
Brad Knowles, <brad.knowles at skynet.be>
/* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
/* Represented as 1045 digit prime number by Phil Carmody */
/* Prime as DNS cname chain by Roy Arends and Walter Belgers */
/* */
/* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
/* where title-key = "153 2 8 105 225" or other similar 5-byte key */
dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
More information about the bind-users
mailing list