"Stealing" an outside domain within a LAN

Kevin Darcy kcd at daimlerchrysler.com
Thu Nov 23 02:44:59 UTC 2006


Wes Groleau wrote:
> Stephen John Smoogen wrote:
>   
>> On 11/18/06, Wes Groleau <groleau+news at freeshell.org> wrote:
>>     
>>> But I also want to "shanghai" some unsavory
>>> malware domains.  In other words,
>>> if my Windows box asks the Mac for
>>> subdom.I-spy.com the Mac should return
>>> "not found" instead of going out to the
>>> root nameservers.
>>>       
>> In most cases, I set up new master zones for each domain I am going to
>> shanghai. Thus I have a zone for 'ispyourkeyboard.example.' and put in
>> a wildcard for it grab all things.. related to it. I make sure that
>> the internal DNS servers are 'authoritative' for these miscreant
>> zones... and that internal boxes aren't able to go to other DNS
>> servers.
>>     
>
> Please excuse my newbie-ness.  I know how to make another zone file,
> but how do I pretend to be authoritative?
>
>   
If the zone is defined as either master or slave, you're authoritative 
for it.

                                                                         
                           - Kevin




More information about the bind-users mailing list