Competitor using my DNS servers
Danny Mayer
mayer at gis.net
Wed Aug 28 15:39:47 UTC 2002
At 09:47 AM 8/26/02, NCKCN wrote:
>Danny,
>
>Didn't work. I can get forward lookups from anywhere.
Explain exactly what you mean by this. Any other server or client can query
your servers for domains that they are authorative for and you should be
answering their queries authoratively. If you don't own those domains, it
will only respond with a referral to the root servers.
> Maybe this would only
>work if someone was doing secondary off me. What I am trying to prevent is
>them setting up their clients with my DNS servers as their primary and
>secondary DNS server configuration. It appears that "allow-recursion"
>doesn't prevent this...
You may also what to try blackholing their addresses:
options {
blackhole {enemy-ISP-addresses;};
};
This will result in your not responding at all to any query that they may
make. Of course you need to know enough of their addreses to make
this workable. While setting up views and zones and responses may
be interesting, I doubt that you really have the time to play games with
this or want to have to maintain the resulting infrastructure.
You may also want to have your lawyers send a cease and desist
letter to that ISP. It may help.
Danny
More information about the bind-users
mailing list