"Stealth" bind server in uncooperative organization
Brad Knowles
brad at stop.mail-abuse.org
Thu Jun 30 17:54:00 UTC 2005
At 6:38 AM -0700 2005-06-30, meburr at gmail.com wrote:
> I had another thought: Is there some exotic way I could use a wildcard
> record? I could have a record for each of my hosts, then somehow
> forward *.foo.com queries.
Wildcards don't work that way. They only work to cover queries
for names which have absolutely no records at all. If the name
exists anywhere in the DNS, even just a single "A" record for the IP
address, that will keep a wildcard from matching that name for
anything else.
--
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the bind-users
mailing list