[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] RE: Blocking Bad Win2k DNS Servers
- Subject: Re: [cobalt-users] RE: Blocking Bad Win2k DNS Servers
- From: "E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>
- Date: Tue Jan 22 15:44:02 2002
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> Date: Tue, 22 Jan 2002 17:18:50 -0600
> From: David Lucas <david@xxxxxxxxxxxxxxxx>
[ snip ]
> Now hopefully someone will be able to tell us how to block
> queries. I think there is a different query that is filling up
Let MS configure the border router. *snicker*
Er, block both UDP and TCP port 53 if you want to totally shut
out DNS. Reject for TCP so you send the proper TCP RST.
Note that one can add ACLs in BIND, but that doesn't prevent the
queries from hitting BIND... just determines which ones BIND
answers and which it tells the requestor to get lost.
[ snip ]
> thing. I see these in the kernel log. Where are you seeing
> the dns log entries?
Always a good question to ask. :-)
Eddy
---------------------------------------------------------------------------
Brotsman & Dreger, Inc. - EverQuick Internet Division
Phone: +1 (316) 794-8922 Wichita/(Inter)national
Phone: +1 (785) 865-5885 Lawrence
---------------------------------------------------------------------------
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots. Do NOT
send mail to <blacklist@xxxxxxxxx>, or you are likely to be blocked.