[Dshield] DNS blackholes

Pete Cap peteoutside at yahoo.com
Fri Dec 9 22:07:24 GMT 2005


List,
 
 I had a technical question I hoped someone here could answer.
 
 If you have badguys.org blackholed (say, redirected to 127.0.0.1), and someone on your network sends out a query for that IP, then the DNS server will return 127.0.0.1, right?
 
 Is it still possible for an individual host to send out a request to a specific server (say, dns.otherbadguys.net) for badguys.org, thus bypassing the blackhole?  That is, you're ignoring the local DNS server.
 
 Just wondering!  Thanks!
 
 Regards,
 Pete
 

			
---------------------------------
Yahoo! Shopping
 Find Great Deals on Holiday Gifts at Yahoo! Shopping 


More information about the list mailing list