[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: blocking new version of kazaa
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: blocking new version of kazaa
- From: Ben Goren <ben_(_at_)_trumpetpower_(_dot_)_com>
- Date: Thu, 31 Jul 2003 17:49:32 -0700
On Wed, Jul 30, 2003 at 10:06:36PM -0400, Nick Holland wrote:
> Anyway, you set up a DNS resolver for your network, but you
> "poison" it with little tidbits...for example, instead of doing
> a "proper" search to find out what *.kazaa.com is, just tell the
> resolver to ask that program over there...which happens to
> respond "192.168.1.10", "127.0.0.1" or some other address within
> your network for EVERY question it is asked.
Since Nick is using that unclean DNS server, I thought I'd just
chime in with how you'd do it with the real manly man's DNS
server. I haven't upgraded to BIND 9 yet, but I can't imagine it
being *that* different....
Anyway, in your /var/named/named.boot file, add a line like this:
primary kazaa.com kazaa
(Of course, you'll have to set up BIND to work properly for
evrything else, too. If you don't know how, learn before you try
to do this kind of poisoning.)
Then, /var/named/namedb/kazaa will look like:
kazaa.com. IN SOA dns.example.com. myemail.example.com. (
2003073101 ; serial
10800 ; refresh
3600 ; retry
3600000 ; expire
86400 ) ; minimum
IN NS dns.example.com.
localhost.example.com. IN A 127.0.0.1
kazaa.com. IN A 10.0.0.1
*.kazaa.com. IN A 10.0.0.1
You'll want to replace ``10.0.0.1'' with the IP address of
where you'll send the clueless to. And, of course, replace
``example.com'' with your own domain, etc....
The skillful will at the least script the whole thing, or take
advantage of all sorts of nifty things that BIND can do. This
isn't meant to be authoritative--rather, it's just enough to get
you started in the right direction.
[demime 0.98d removed an attachment of type application/pgp-signature]