"Stealing" an outside domain within a LAN

Wes Groleau groleau+news at freeshell.org
Tue Nov 21 04:14:17 UTC 2006

Stephen John Smoogen wrote:
> On 11/18/06, Wes Groleau <groleau+news at freeshell.org> wrote:
>> But I also want to "shanghai" some unsavory
>> malware domains.  In other words,
>> if my Windows box asks the Mac for
>> subdom.I-spy.com the Mac should return
>> "not found" instead of going out to the
>> root nameservers.
> In most cases, I set up new master zones for each domain I am going to
> shanghai. Thus I have a zone for 'ispyourkeyboard.example.' and put in
> a wildcard for it grab all things.. related to it. I make sure that
> the internal DNS servers are 'authoritative' for these miscreant
> zones... and that internal boxes aren't able to go to other DNS
> servers.

Please excuse my newbie-ness.  I know how to make another zone file,
but how do I pretend to be authoritative?

I'm not worried about confusing the outside world,
as my firewall won't allow DNS queries to get in.

Wes Groleau

    There ain't no right wing,
    there ain't no left wing.
    There's only you and me and we just disagree.
                               (apologies to Jim Krueger)

More information about the bind-users mailing list