When someone abuses DNS...
Brad Knowles
brad.knowles at skynet.be
Wed Jul 25 06:58:17 UTC 2001
At 7:42 PM -0400 7/24/01, Forrest Aldrich wrote:
> So, from a DNS perspective, what would one suggest I do to thwart some of
> this -- or at least make it difficult. I thought we could include his
> domains in our authoritative zones and distribute that around our PoPs --
> point the IP to 127.0.0.3 or something arbitrary. At least it would
> pretty much flatten some of his activity.
That sounds like a pretty good idea.
> Suggestions?
Hmm. Maybe submit this information to the MAPS RBL folks, and
see if you can get his domains added to the black list, especially
including the EBGP4 version? It'd be pretty hard for him to do his
thing if he can't get packets routed to his nameservers?
--
Brad Knowles, <brad.knowles at skynet.be>
/* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
/* Represented as 1045 digit prime number by Phil Carmody */
/* Prime as DNS cname chain by Roy Arends and Walter Belgers */
/* */
/* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
/* where title-key = "153 2 8 105 225" or other similar 5-byte key */
dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
More information about the bind-users
mailing list