[Dshield] DNS blackholes

David Cary Hart DShield at TQMcube.com
Sun Dec 11 16:46:56 GMT 2005


On Fri, 9 Dec 2005 14:07:24 -0800 (PST)
Pete Cap <peteoutside at yahoo.com> opined:
>  
>  If you have badguys.org blackholed (say, redirected to 127.0.0.1),
> and someone on your network sends out a query for that IP, then the
> DNS server will return 127.0.0.1, right? Is it still possible for an
> individual host to send out a request to a specific server (say,
> dns.otherbadguys.net) for badguys.org, thus bypassing the blackhole?
> That is, you're ignoring the local DNS server. Just wondering!
> Thanks! Regards,

I am curious. What is your objective? Are you using Bind or RBLDNSD to
accomplish this?

-- 
Our DNSRBL - 
       Eliminate Spam: http://www.TQMcube.com/spam_trap.php
        Zombie Graphs: http://www.TQMcube.com/zombies.php
          GeoGraphics: http://www.TQMcube.com/origins.php


More information about the list mailing list