time.windows.com and download.windowsupdate.com
Ben Croswell
ben.croswell at gmail.com
Wed Feb 11 15:29:12 UTC 2009
You certainly load the zone you don't own, but be aware the downside will be
every downstream domain or host under the two domains you load will be
blackholed.
In your examples:
1) Everything under time.windows.com will not be resolvable other than
time.windows.com. i.e. someotherhost.time.windows.com won't work
2) Everything under windowsupdate.com will not be resolvable other than
download.windowsupdate.com i.e. someotherhost.windowsupdate.com
As long as you are aware of and ok with those caveats you should be fine.
--
-Ben Croswell
On Sun, Feb 8, 2009 at 6:03 PM, <patatetom at gmail.com> wrote:
> Hi,
>
> I've just started with Bind and DNS, so...
>
> 1 I'm on a LAN where external ntp and Window$ update sites are denied.
> 2 we have, on this LAN a wsus and a ntp server
> 3 a fresh Window$ XP pro try download.windowsupdate.com for update and
> time.windows.com for synctime...
>
> Can I play with these two zones on my NS ?
>
> zone "time.windows.com" IN { type master; file "time.windows.com"; };
>
> @ IN SOA fake admin ( 20090201 8H 1H 2W 5D )
> IN NS fake
> fake IN A 172.20.0.2
> time.windows.com. IN A 172.20.0.2
>
> zone "windowsupdate.com" IN { type master; file
> "windowsupdate.com"; };
>
> @ IN SOA fake admin ( 20090201 8H 1H 2W 5D )
> IN NS fake
> fake IN A 172.20.0.2
> download.windowsupdate.com. IN A 172.20.0.2
>
> Thanks for help.
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090211/268ed63d/attachment.html>
More information about the bind-users
mailing list