"Stealing" an outside domain within a LAN
Stephen John Smoogen
smooge at gmail.com
Mon Nov 20 22:40:14 UTC 2006
On 11/18/06, Wes Groleau <groleau+news at freeshell.org> wrote:
> I am successfully running BIND 9.2.2 on MacOS 10.3.9
> to give all my machines 192.168 addresses with a TLD
> of "local"
> But I also want to "shanghai" some unsavory
> malware domains. In other words,
> if my Windows box asks the Mac for
> subdom.I-spy.com the Mac should return
> "not found" instead of going out to the
> root nameservers.
In most cases, I set up new master zones for each domain I am going to
shanghai. Thus I have a zone for 'ispyourkeyboard.example.' and put in
a wildcard for it to grab all things related to it. I make sure that
the internal DNS servers are 'authoritative' for these miscreant
zones... and that internal boxes aren't able to go to other DNS
> How do I do that?
> I should be able to just put them in my hosts file,
> but (1) that won't catch any subdomains I didn't predict
> and (2) there seems to be a bug in this version of Mac OS
> in that it ignores the config file commands to use
> /etc/hosts first and goes to DNS instead.
> Wes Groleau
> "Thinking I'm dumb gives people something to
> feel smug about. Why should I disillusion them?"
> -- Charles Wallace
> (in _A_Wrinkle_In_Time_)
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
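
The approach described in the reply above (one master zone per unwanted domain, with a wildcard in it), as an added example that is not part of the original post and not code from the BIND project; it goes one step further and handles a whole list of domains. The sinkhole address 192.168.0.250, the server name ns.local., the file name sinkhole.zone and both function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: emit BIND sinkhole config for a list of domains.
# Assumed values (not from the post): 192.168.0.250, ns.local., sinkhole.zone.
SINK_IP="${SINK_IP:-192.168.0.250}"   # address returned for every sinkholed name
NS_NAME="${NS_NAME:-ns.local.}"       # this name server, fully qualified
ZONE_FILE="${ZONE_FILE:-sinkhole.zone}"

# One shared zone file. Every owner name is relative ("@" and "*"),
# so the same file can back any number of sinkholed zones.
# The wildcard does not match the zone apex, hence the separate "@" A record.
sinkhole_zone_file() {
    cat <<EOF
\$TTL 300
@   IN SOA ${NS_NAME} hostmaster.${NS_NAME} ( 1 3600 900 604800 300 )
    IN NS  ${NS_NAME}
@   IN A   ${SINK_IP}
*   IN A   ${SINK_IP}
EOF
}

# Read domains on stdin (one per line, '#' comments allowed) and print one
# "type master" stanza per valid name. Names are lowercased, a trailing dot
# is dropped, and anything that could break named.conf quoting is rejected.
# Duplicates are removed because named refuses a zone defined twice.
sinkhole_zone_stanzas() {
    while IFS= read -r line; do
        d=$(printf '%s' "$line" | sed 's/#.*//' | tr -d ' \t\r' | tr 'A-Z' 'a-z')
        d=${d%.}
        [ -n "$d" ] || continue
        case "$d" in
            *[!a-z0-9.-]*|.*|*..*|-*)
                echo "skipping invalid name: $line" >&2
                continue ;;
        esac
        printf 'zone "%s" { type master; file "%s"; };\n' "$d" "$ZONE_FILE"
    done | LC_ALL=C sort -u
}

# Usage (paths are placeholders):
#   sinkhole_zone_file > sinkhole.zone
#   sinkhole_zone_stanzas < domains.txt > sinkhole.conf   # include from named.conf
```

Checking the result with named-checkconf and named-checkzone before reloading named catches a bad stanza before it takes the server down.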