Hiding NS Records

rengland rengland at lucent.com
Fri Mar 16 17:34:40 UTC 2001 

We have written a shell script to just that.

-B

> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> Behalf Of Brad Knowles
> Sent: Friday, March 16, 2001 11:50 AM
> To: Smith, William E. (Bill), Jr.; bind-users at isc.org
> Subject: Re: Hiding NS Records
> 
> 
> 
> At 11:37 AM -0500 3/16/01, Smith, William E. (Bill), Jr. wrote:
> 
> >  We are running a secondary name server(for testing 
> purposes) whose NS record
> >  we want to hide from the outside world.  It's behind a 
> firewall so queries
> >  against it won't get a response; however, we would just 
> like to have the NS
> >  record for that server removed altogether.  Is it possible 
> to do this? If
> >  so, what is the syntax. I've done some searching and 
> haven't come across
> >  anything...obvious at least to address this.
> 
> 	Sure, just don't list that machine.  It will know that it is 
> primary for that domain (or set of domains) through the 
> /etc/named.conf file, and doesn't need to show up in the SOA record 
> or as one of the advertised NS RRs at all.
> 
> 	No problem.
> 
> --
> Brad Knowles, <brad.knowles at skynet.be>
> 
> /*     efdtt.c     Author:  Charles M. Hannum 
> <root at ihack.net>             */
> /*                                                            
>              */
> /*     Thanks to Phil Carmody <fatphil at asdf.org> for 
> additional tweaks.    */
> /*                                                            
>              */
> /*     Length:  434 bytes (excluding unnecessary newlines)    
>              */
> /*                                                            
>              */
> /*     Usage is:  cat title-key scrambled.vob | efdtt 
> >clear.vob           */
> /*     where title-key = "153 2 8 105 225" or other similar 
> 5-byte key     */
> 
> #define m(i)(x[i]^s[i+84])<<
> unsigned char 
> x[5],y,s[2048];main(n){for(read(0,x,5);read(0,s,n=2048);write(1,s
> ,n))if(s[y=s[13]%8+20]/16%4==1){int 
> i=m(1)17^256+m(0)8,k=m(2)0,j=m(4)17^m(3)9^k
> *2-k%8^8,a=0,c=26;for(s[y]-=16;--c;j*=2)a=a*2^i&1,i=i/2^j&1<<2
> 4;for(j=127;++j<n
> ;c=c>y)c+=y=i^i/8^i>>4^i>>12,i=i>>8^y<<17,a^=a>>14,y=a^a*8^a<<
> 6,a=a>>8^y<<9,k=s
> [j],k="7Wo~'G_\216"[k&7]+2^"cr3sfw6v;*k+>/n."[k>>4]*2^k*257/8,
> s[j]=k^(k&k*2&34)
> *6^c+~y;}}

More information about the bind-users mailing list