Reverse lookup of selected IP addresses without delegation agreement?
Ralph
bind-users at sentries.org
Thu Jul 15 14:58:10 UTC 2004
Len Conrad wrote:
> so set up the specific IPs in your DNS as zones with one PTR record.
> spoofing complete.
So if I stick to my own example of mail.sourceforge.net, I'd use these
settings?

# named.conf
zone "206.250.35.66.in-addr.arpa" in {
    type master;
    file "206.250.35.66.zone";
};

# 206.250.35.66.zone
@    IN SOA ns.mydomain.tld. hostmaster.mydomain.tld. ( ... )
     IN NS  ns.mydomain.tld.
206.250.35.66.in-addr.arpa. IN PTR mail.sourceforge.net.

I want to make sure that I "intercept" only reverse lookups for the
selected hosts I choose to define, but let all other lookups pass
unmodified.
BTW, this would require a .zone file for each host, right? Or is it
possible to use one "hijacked.zone" with multiple entries if I make
use of $ORIGIN statements?
> With RFC 2317, the child zone's PTR records must match the CNAME
> rdata fields in the parent zone.
Can this cause any trouble for my users if I use the configuration
shown above?
Ralph
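
Added example, not part of the original message or of BIND: a small audit script that lists single-address in-addr.arpa zones in a named.conf (local PTR overrides like the one above) and reports which local zone, if any, would answer a given reverse lookup instead of the public delegation. The sample configuration is constructed, and the regex-based parsing assumes simple zone stanzas with no comments or include files.

```python
import ipaddress
import re

# Constructed sample: the stanza from the message plus an ordinary /24 reverse zone.
SAMPLE_NAMED_CONF = '''
zone "206.250.35.66.in-addr.arpa" in {
    type master;
    file "206.250.35.66.zone";
};
zone "1.168.192.in-addr.arpa" in {
    type master;
    file "192.168.1.zone";
};
'''

SUFFIX = ".in-addr.arpa"
ZONE_RE = re.compile(r'zone\s+"([^"]+)"', re.IGNORECASE)


def reverse_zones(conf_text):
    """Return the in-addr.arpa zone names declared in the text, lowercased."""
    names = [m.group(1).lower().rstrip(".") for m in ZONE_RE.finditer(conf_text)]
    return [n for n in names if n.endswith(SUFFIX)]


def host_level_zones(conf_text):
    """Map each single-address reverse zone (four octet labels) to its IPv4 address."""
    found = {}
    for name in reverse_zones(conf_text):
        labels = name[: -len(SUFFIX)].split(".")
        if len(labels) != 4:
            continue  # a /24, /16 or /8 reverse zone, not a per-host override
        try:
            found[name] = ipaddress.IPv4Address(".".join(reversed(labels)))
        except ValueError:
            continue  # labels are not valid octets (for example RFC 2317 names)
    return found


def local_zone_for(ip, conf_text):
    """Most specific local zone that is authoritative for ip's PTR name, or None."""
    qname = ipaddress.ip_address(ip).reverse_pointer
    # Match on label boundaries so "6.in-addr.arpa" cannot match "66.in-addr.arpa".
    matches = [z for z in reverse_zones(conf_text)
               if qname == z or qname.endswith("." + z)]
    return max(matches, key=len, default=None)


if __name__ == "__main__":
    for zone, addr in host_level_zones(SAMPLE_NAMED_CONF).items():
        print(f"per-host PTR override: {zone} -> {addr}")
```

A result of None from local_zone_for means no local zone covers that address, so the lookup follows the normal public delegation.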