DNS Lying to Linux Clients ?

Herb Martin news at LearnQuick.com
Fri Aug 15 19:05:48 UTC 2003


> DNS Lying is when a DNS server lies to clients directing them to a
> specific web site (like a sign in page) regardless of what host the
> client asks for.
>
> What I'm finding is that it does not work with Red Hat 8 and Mandrake
> 9 clients (only ones tested so far).    It works with Windows and
> MacOS clients.

Unless I am missing something, it pretty much has to work if you
give the clients ONLY one DNS server to query.  (Or only DNS
servers that do this.)

In theory, a client could know the root servers and recurse for
itself, but most do not.  If you prevent them from contacting root
servers this would eliminate this possibility.

I found a similar problem (not DNS) with Internet Explorer and
it's use of proxies -- we lied to IE and told it to only bypass the
Proxy for "local addresses" (in the local table) but it was failing
to find anything at 127.0.0.1 and going to the Internet ANYWAY.

Needed to tell a better lie (a web server that answers and actually
gives a page error.)





More information about the bind-users mailing list