"Stealing" an outside domain within a LAN
Kevin Darcy
kcd at daimlerchrysler.com
Thu Nov 23 02:44:59 UTC 2006
Wes Groleau wrote:
> Stephen John Smoogen wrote:
>
>> On 11/18/06, Wes Groleau <groleau+news at freeshell.org> wrote:
>>
>>> But I also want to "shanghai" some unsavory
>>> malware domains. In other words,
>>> if my Windows box asks the Mac for
>>> subdom.I-spy.com the Mac should return
>>> "not found" instead of going out to the
>>> root nameservers.
>>>
>> In most cases, I set up new master zones for each domain I am going to
>> shanghai. Thus I have a zone for 'ispyourkeyboard.example.' and put in
>> a wildcard for it grab all things.. related to it. I make sure that
>> the internal DNS servers are 'authoritative' for these miscreant
>> zones... and that internal boxes aren't able to go to other DNS
>> servers.
>>
>
> Please excuse my newbie-ness. I know how to make another zone file,
> but how do I pretend to be authoritative?
>
>
If the zone is defined as either master or slave, you're authoritative
for it.
- Kevin
More information about the bind-users
mailing list