Slowing down bind answers ?
Nicolas C.
bind at nryc.fr
Sat Jan 4 19:58:50 UTC 2014
On 03/01/2014 18:00, WBrown at e1b.org wrote:
> From: Mark Andrews <marka at isc.org>
>> After that specify a final date for them to fix their machines by
>> after which you will send NXDOMAIN responses. Sometimes sending a
>> poisoned reponse is the only way to get peoples attention.
>>
>> zone "." {
>> type master;
>> file "empty";
>> };
>>
>> empty:
>> @ 0 IN SOA . stop.using.this.nameserver 0 0 0 0 0
>> @ 0 IN NS .
>> @ 0 IN A 127.0.0.1
>
> Or really mess with them and answer all A queries with 199.181.132.249
It's not a bad idea. I could wildcard all requests to an internal HTTP
server saying that the DNS configuration of the client is deprecated.
More information about the bind-users
mailing list