[Dshield] DNS blackholes
shawn.cox at pcca.com
Fri Dec 9 22:34:46 GMT 2005
wildcards are your friend.
----- Original Message -----
From: "Pete Cap" <peteoutside at yahoo.com>
To: <list at lists.dshield.org>
Sent: Friday, December 09, 2005 4:07 PM
Subject: [Dshield] DNS blackholes
> I had a technical question I hoped someone here could answer.
> If you have badguys.org blackholed (say, redirected to 127.0.0.1), and
> someone on your network sends out a query for that IP, then the DNS server
> will return 127.0.0.1, right?
> Is it still possible for an individual host to send out a request to a
> specific server (say, dns.otherbadguys.net) for badguys.org, thus
> bypassing the blackhole? That is, you're ignoring the local DNS server.
> Just wondering! Thanks!
> Yahoo! Shopping
> Find Great Deals on Holiday Gifts at Yahoo! Shopping
> Using .Net? Need to know more about .Net Security?
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see:
More information about the list