"Stealing" an outside domain within a LAN

base60 nobody at whitehouse.com
Tue Nov 21 00:12:07 UTC 2006

Wes Groleau wrote:
> I am successfully running BIND 9.2.2 on MacOS 10.3.9
> to give all my machines 192.168 addresses with a TLD
> of "local"
> But I also want to "shanghai" some unsavory
> malware domains.  In other words,
> if my Windows box asks the Mac for
> subdom.I-spy.com the Mac should return
> "not found" instead of going out to the
> root nameservers.
> How do I do that?

Same way you would for your own zones.

You might want to make a generic zone table using the
local loopback and point them all to it to save yourself
some typing.

> I should be able to just put them in my hosts file,

No.  Too much work, not very flexible.

> but (1) that won't catch any subdomains I didn't predict
> and (2) there seems to be a bug in this version of Mac OS
> in that it ignores the config file commands to use
> /etc/hosts first and goes to DNS instead.
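
The generic zone suggested in the reply above (one zone file on the loopback address, shared by every blocked domain), as an added example that is not part of the original thread. The file name db.sinkhole, the function names and the sample list are assumptions; i-spy.com is the domain from the question.

```shell
#!/bin/sh
# Added example: build named.conf zone stanzas that all share one sinkhole
# zone file, so blocking another domain costs one line in a list.
ZONEFILE="${ZONEFILE:-db.sinkhole}"   # assumed name, relative to named's "directory"

# Print the shared zone file. Every owner name is relative ("@" or "*"),
# which is what lets a single file back any number of zones.
sinkhole_zone() {
    cat <<'EOF'
$TTL 86400
@   IN SOA  localhost. root.localhost. ( 1 3600 900 604800 86400 )
@   IN NS   localhost.
@   IN A    127.0.0.1
*   IN A    127.0.0.1
EOF
}

# Read domains from stdin and print one zone stanza per valid name.
# Blank lines and "#" comments are skipped. Anything that is not a plain
# hostname is rejected on stderr, so a bad list entry cannot inject
# arbitrary statements into named.conf.
zone_stanzas() {
    while IFS= read -r line || [ -n "$line" ]; do
        d=$(printf '%s' "$line" | tr '[:upper:]' '[:lower:]' |
            sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e 's/\.$//')
        if [ -z "$d" ]; then continue; fi
        if printf '%s\n' "$d" | grep -Eq '^([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z]{2,}$'; then
            printf 'zone "%s" { type master; file "%s"; };\n' "$d" "$ZONEFILE"
        else
            printf 'skipped invalid entry: %s\n' "$line" >&2
        fi
    done
}

# Constructed sample list, for demonstration only.
zone_stanzas <<'EOF'
i-spy.com
# comments and blank lines are ignored
Tracker.Example.
bad"; };
EOF
```

Append the generated stanzas to named.conf, save the output of sinkhole_zone as the zone file, and reload named. With the two A records removed from the zone file, named answers NXDOMAIN for any subdomain of a listed zone instead of returning the loopback address.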

