using bind for blacklist of domains

dhottinger at harrisonburg.k12.va.us dhottinger at harrisonburg.k12.va.us
Tue Mar 24 22:12:52 UTC 2009


Quoting Kevin Darcy <kcd at chrysler.com>:

> dhottinger at harrisonburg.k12.va.us wrote:
>> Quoting Doug McIntyre <merlyn at dork.geeks.org>:
>>
>>> In comp.protocols.dns.bind you write:
>>>> Has anyone used their internal dns server for blacklisting? I would
>>>> like to specifically block access to domains that are spreading
>>>> malware. I was grepping around the internet and fell upon this
>>>> website http://www.malwaredomains.com/, but don't seem to be able to
>>>> get my internal name server to like any of the configs I push on it.
>>>> thanks for any advice that might be offered.
>>>
>>> It should be easy enough to take the list, parse it into config line
>>> items pointing to a single zone file that just maps * to 127.0.0.1 or
>>> something.
>>>
>>> Or you could just use OpenDNS?
>>>
>>> (Not that I use them, but that's one of the free features they support).
>>>
>>
>> Sounds good and that is what I thought (except for OpenDNS),   
>> however I created a zone file named blacklist.host and added an   
>> entry into my named.conf file that said
>> zone "00.devoid.us" {
>> type master;
>> file "blockeddomains.host";
>> };
>>
>> When I restart named I get the following error message in my message logs:
>>
>> Mar 24 14:14:14.970 dns_master_load: blockeddomains.host:9: no   
>> current owner name
>> Mar 24 14:14:14.971 zone 00.devoid.us/IN: loading master file   
>> blockeddomains.host: no owner
>> I actually have 8 existing zones on this server and they each have   
>> a root server listed in their zone files. Do I need to have a root   
>> server in this one?
>>
> This isn't an architecture problem, it's a syntax error in the zone file.
>
> If you post the contents of the file, up to line 9, we should be able
> to spot the syntax error and explain to you how to fix it.
>
> - Kevin
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

Contents of blockeddomains.host:
   $TTL    86400   ; one day

   ; An SOA needs two names before the numbers: MNAME (primary server) and
   ; RNAME (contact mailbox).  The mailbox was missing, so the parser shifted
   ; every following field by one.  hostmaster@harrisonburg.k12.va.us is an
   ; assumed contact; both names end in a dot so they are not re-qualified
   ; relative to the zone origin (00.devoid.us).
   @       IN      SOA     ns.hhs.harrisonburg.k12.va.us. hostmaster.harrisonburg.k12.va.us.
                           (
                            2004061000       ; serial number 09032401
                            28800   ; refresh  8 hours
                            7200    ; retry    2 hours
                            864000  ; expire  10 days
                            86400 ) ; min ttl  1 day
                   NS      ns1.harrisonburg.k12.va.us.
                   NS      ns2.harrisonburg.k12.va.us.

                   A       0.0.0.0    ; the apex itself; "*" below does not cover it

   *               IN      A       0.0.0.0


thanks,

ddh


-- 
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools

"Everything should be made as simple as possible, but not simpler."
-- Albert Einstein

"The hottest places in Hell are reserved for those who, in times of moral
crisis, preserved their neutrality."
-- Dante
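The approach Doug describes earlier in the thread (turn the domain list into one "zone" stanza per domain, all pointing at a single sink-hole zone file) is straightforward to script. The following is an added example, not code from the original post or from malwaredomains.com; it assumes the list is one domain per line with optional "#" comments, and the server names (ns1.example.net., hostmaster.example.net.) are placeholders. The shared zone file carries a complete SOA (the missing RNAME mailbox is exactly the kind of thing that produces "no current owner name"-style load errors) and an explicit A record at the apex, because the "*" wildcard does not match the zone name itself. The converter lower-cases, strips comments and whitespace, drops anything that is not a plain hostname, and de-duplicates, so a sloppy or hostile list cannot inject extra directives into named.conf.

```shell
#!/bin/sh
# Added example (not from the bind-users post): build BIND sink-hole config
# from a domain list.  Assumptions: one domain per line, '#' comments allowed;
# ns1.example.net. / hostmaster.example.net. are placeholder names.

# One master zone file shared by every blocked zone.
SINKHOLE_ZONE_FILE="blockeddomains.host"

# Print the contents of the shared sink-hole zone file.  All seven SOA fields
# are present (MNAME, RNAME, serial, refresh, retry, expire, minimum) and every
# name ends in a dot so it is not re-qualified under each blocked zone's origin.
sinkhole_zone() {
    cat <<'EOF'
$TTL 86400
@   IN  SOA ns1.example.net. hostmaster.example.net. (
            2009032401  ; serial
            28800       ; refresh
            7200        ; retry
            864000      ; expire
            86400 )     ; minimum
    IN  NS  ns1.example.net.
    IN  A   0.0.0.0     ; the apex; the wildcard below does not cover it
*   IN  A   0.0.0.0     ; everything underneath the apex
EOF
}

# Read a domain list on stdin, write named.conf "zone" stanzas on stdout.
# Lower-case, drop comments/blank lines/whitespace, strip a trailing dot,
# keep only plain hostnames (letters, digits, '-', '_', dots), de-duplicate.
# Anything containing quotes, braces or semicolons is rejected, so list
# content cannot become named.conf syntax.
domains_to_zones() {
    tr 'A-Z' 'a-z' \
    | sed -e 's/#.*//' -e 's/[[:space:]]//g' -e 's/\.$//' \
    | grep -E '^([a-z0-9_]([a-z0-9_-]*[a-z0-9_])?\.)+[a-z0-9-]+$' \
    | sort -u \
    | while IFS= read -r domain; do
        printf 'zone "%s" IN {\n    type master;\n    file "%s";\n    allow-update { none; };\n};\n' \
            "$domain" "$SINKHOLE_ZONE_FILE"
    done
}

# Number of zone stanzas produced for the list on stdin.
count_zones() {
    domains_to_zones | grep -c '^zone "'
}

# Typical use: write the two files, then load the stanzas from named.conf with
# an include statement and run "rndc reconfig" (or restart named).
#   sinkhole_zone > /var/named/blockeddomains.host
#   domains_to_zones < domains.txt > /etc/named.blocked.conf
```

A few thousand "zone" stanzas load fine; if the list grows to tens of thousands, regenerate the include file and use "rndc reconfig" rather than a full restart so the cache survives. Resolvers running BIND 9.8 or later can do the same job natively with a response-policy zone (RPZ), which needs only one zone for the whole list.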