Competitor using my DNS servers

Danny Mayer mayer at gis.net
Wed Aug 28 16:15:01 UTC 2002


At 09:32 AM 8/22/02, NCKCN wrote:
>I had someone send me this:
>
>=====
>create a acl list
>and put it to blackhog in the options section.
>
>
>acl black_list { ips-you-want-to-restric; };
>
>options {
>
>   blackhole { black_list; };
>};
>===
>
>I'm not sure that I want either. I am an ISP and need to answer queries,
>just to block the competitor from using my DNS servers. Doesn't the acl do
>that for me pretty well?

In the sense that it will stop your server from responding to any queries
made by any address to your servers that your competitor uses (if it's in
the list) there's nothing wrong with that.

The advantage of using the allow-recursion option is that they can get to
your systems (including mail), but can't get to anyone else's. You want
them to come to you and switch ISP's since you will provide better service
(we hope). A blackhole list prevents them even doing that. Another
advantage of the allow-recursion is to prevent others from using your
servers and you do know all of the IP addresses that your ISP is
responsible for and you can put in the complete list.  You won't know
all of the IP addresses of your competitor or others who may want
to use your servers.

Danny



More information about the bind-users mailing list