"Stealing" an outside domain within a LAN
Wes Groleau
groleau+news at freeshell.org
Tue Nov 21 04:14:17 UTC 2006
Stephen John Smoogen wrote:
> On 11/18/06, Wes Groleau <groleau+news at freeshell.org> wrote:
>> But I also want to "shanghai" some unsavory
>> malware domains. In other words,
>> if my Windows box asks the Mac for
>> subdom.I-spy.com the Mac should return
>> "not found" instead of going out to the
>> root nameservers.
>
> In most cases, I set up new master zones for each domain I am going to
> shanghai. Thus I have a zone for 'ispyourkeyboard.example.' and put in
> a wildcard for it grab all things.. related to it. I make sure that
> the internal DNS servers are 'authoritative' for these miscreant
> zones... and that internal boxes aren't able to go to other DNS
> servers.
Please excuse my newbie-ness. I know how to make another zone file,
but how do I pretend to be authoritative?
I'm not worried about confusing the outside world,
as my firewall won't allow DNS queries to get in.
--
Wes Groleau
There ain't no right wing,
there ain't no left wing.
There's only you and me and we just disagree.
(apologies to Jim Krueger)
More information about the bind-users
mailing list