"Stealing" an outside domain within a LAN
groleau+news at freeshell.org
Tue Nov 21 04:14:17 UTC 2006
Stephen John Smoogen wrote:
> On 11/18/06, Wes Groleau <groleau+news at freeshell.org> wrote:
>> But I also want to "shanghai" some unsavory
>> malware domains. In other words,
>> if my Windows box asks the Mac for
>> subdom.I-spy.com the Mac should return
>> "not found" instead of going out to the
>> root nameservers.
> In most cases, I set up new master zones for each domain I am going to
> shanghai. Thus I have a zone for 'ispyourkeyboard.example.' and put in
> a wildcard for it grab all things.. related to it. I make sure that
> the internal DNS servers are 'authoritative' for these miscreant
> zones... and that internal boxes aren't able to go to other DNS
Please excuse my newbie-ness. I know how to make another zone file,
but how do I pretend to be authoritative?
I'm not worried about confusing the outside world,
as my firewall won't allow DNS queries to get in.
There ain't no right wing,
there ain't no left wing.
There's only you and me and we just disagree.
(apologies to Jim Krueger)
More information about the bind-users