|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Patching BIND (Re: What *are* they smoking?)
PWG> Date: Mon, 15 Sep 2003 19:40:33 -0400
PWG> From: Patrick W. Gilmore
PWG> Anyone wanna patch BIND such that replies of that IP addy
PWG> are replaced with NXDOMAIN? That solves the web site and
PWG> the spam problem, and all others, all at once.
I'd actually go for keeping the A RR for '*.net.' and '*.com.' in
an authoritative NS's cache. If any other A RR matches the
cached IP address(es), nuke the RRSet and replace with NXDOMAIN.
Until then, I guess it's time to null route and check for
circumvention. Is AS30060 used for anything legitimate?
Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
DO NOT send mail to the following addresses :
[email protected] -or- [email protected] -or- [email protected]
Sending mail to spambait addresses is a great way to get blocked.
|