How to stop ActiveDirectory Requests on DNS Server ?
Cricket Liu
cricket at menandmice.com
Fri Nov 22 22:50:50 UTC 2002
Xavier wrote:
> I'm using a Bind 8.3.1 DNS SERVER on Solaris 2.8 Box.
Upgrade. See http://www.isc.org/products/BIND/bind-security.html.
> I have Sniffed some DNS traffic and i'm seeing lot's of requests :
>
> Standard query SRV _ldap._tcp.foo.msdcs.FooAgain
> Standard query SRV
> _ldap._tcp.c4ac1ec-5c9c1.domains._msdcds.FooAgainAgain Standard query
> SRV _kerberos._tcp.dc._msdcs.FooAgainAgain
>
> FooAgain, FooAgain and FooAgainAgain are LOCAL, web site, computer
> hostname ;etc..
>
> I'm looking for a technical solution that disable my dns server to
> look up these request on Root Servers.
> Maybe to drop these requests or make them resolved to 127.0.0.1.
>
> Thanks a lot for your help regarding my problem.
Unless FooAgain is a real zone, set up a minimal FooAgain zone on
your name server. For example:
zone "FooAgain" {
type master;
file "db.FooAgain";
};
db.FooAgain:
$TTL 1d
@ SOA ns1.FooAgain. root.FooAgain. (
2002112200 1h 15m 30d 1h )
NS ns1.FooAgain.
ns1 A <your name server's IP address>
cricket
Men & Mice
DNS Software, Training and Consulting
www.menandmice.com
The DNS and BIND Cookbook, available now!
http://www.oreilly.com/catalog/dnsbindckbk/
More information about the bind-users
mailing list