Bogus Wild Card DNS

schilling schilling2006 at gmail.com
Mon Apr 11 17:07:15 UTC 2011


http://netreg.sourceforge.net/

The howto on that page has a detailed setup for a faked root.

Schilling

On Fri, Apr 8, 2011 at 10:58 AM, Martin McCormick
<martin at dc.cis.okstate.edu> wrote:
> I am trying to set up bind9.7.2P3 in a special manner such as is
> used in network registration setups in which named always
> returns the address of a registration server except for a few
> other domains that supply updates and antivirus scans, etc.
>
>        In this case, I have microsoft.com as the one allowed
> domain and everything else should return the wild card A record.
> What is happening right now is that the one special allowed
> domain works fine and all else returned a SERVFAIL rather than
> resolving to what will eventually be the registration server.
> The microsoft allowed zone is defined in named.conf with
> forwarders.
> My understanding is that the only real zone one needs is the
> hint zone or "." and here is mine:
>
> @ IN NS netreg.it.okstate.edu.
> microsoft.com.  IN NS netreg.it.okstate.edu.
> * IN A 139.78.6.193
>
>        Why am I not getting resolution to 139.78.6.193 for any
> other query?
>
>        The log isn't complaining about much of anything but any
> query that is not microsoft returns that SERVFAIL message.
>
>        I must remind anybody experimenting with something like
> this to be sure to put a bogus DNS clause in your functional
> production DNS's so that anything that might somehow leak out of
> this experiment is treated as junk and ignored.
>
>        Many thanks.
>
>
> Martin McCormick WB5AGZ  Stillwater, OK
> Systems Engineer
> OSU Information Technology Department Telecommunications Services Group
>
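
A faked root of the kind discussed in this thread, written out as an added example; it is not taken from the NetReg howto or from either poster. Assumptions: the file name db.fakeroot, the SOA contact and serial, the forwarder 192.0.2.53 (a documentation-range placeholder), and that netreg.it.okstate.edu itself lives at 139.78.6.193.

```dns
; Constructed example: faked root zone file (file name db.fakeroot is assumed).
; named.conf side, shown as comments because it is a separate file:
;   options { recursion yes; };
;   zone "." { type master; file "db.fakeroot"; };       // authoritative, not a hint zone
;   zone "microsoft.com" { type forward; forward only;
;                          forwarders { 192.0.2.53; }; }; // placeholder real resolver
$TTL 300
; A master zone must have an SOA at its apex or named will not load it.
@   IN SOA netreg.it.okstate.edu. hostmaster.netreg.it.okstate.edu. (
        2011041101 ; serial (constructed)
        3600       ; refresh
        900        ; retry
        604800     ; expire
        300 )      ; negative-caching TTL
@   IN NS  netreg.it.okstate.edu.

; The NS target is inside this zone (everything is inside "."), so it
; needs its own address record here. Address is an assumption.
netreg.it.okstate.edu.  IN A 139.78.6.193

; Delegation for the one allowed domain. Answering it needs recursion,
; and recursion for this name is handled by the forward zone above.
microsoft.com.          IN NS netreg.it.okstate.edu.

; Catch-all: names whose closest existing ancestor is the root.
*                       IN A 139.78.6.193

; The records above create the nodes com., edu., okstate.edu. and
; it.okstate.edu. as empty non-terminals. Under RFC 4592 the root
; wildcard no longer covers names below an existing node, so each of
; those nodes needs its own wildcard or clients get NXDOMAIN there.
*.com.                  IN A 139.78.6.193
*.edu.                  IN A 139.78.6.193
*.okstate.edu.          IN A 139.78.6.193
*.it.okstate.edu.       IN A 139.78.6.193
```

Running `named-checkzone . db.fakeroot` before loading the zone reports a missing SOA or other syntax problems.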


