[Nelug] correcting verisign with bind
Stephen Patterson
steve at patter.mine.nu
Fri Sep 19 19:06:01 UTC 2003
Hi, thought this might be of use.
Given the recent cockup by verisign, I thought I'd reconfigure my name
server so it only resolves existing names. I've done this by declaring
all the name servers which respond to invalid queries as invalid by
adding this to /etc/bind/named.conf (bind 8.3.4-4). This has probably
left a hole in my DNS big enough to fit one of Iain M Bank's
Superlifters through, but I've not had any problems yet with a wide
selection of sites. Even better, I haven't had to patch and recompile
anything or wait for upstream fixes :-)
server 192.35.51.30 {
bogus "yes";
};
server 192.5.6.30 {
bogus "yes";
};
server 192.12.94.30 {
bogus "yes";
};
server 192.33.14.30 {
bogus "yes";
};
server 192.42.93.30 {
bogus "yes";
};
server 192.43.172.30 {
bogus "yes";
};
server 192.41.162.30 {
bogus "yes";
};
server 192.31.80.30 {
bogus "yes";
};
server 192.55.83.30 {
bogus "yes";
};
server 192.54.112.30 {
bogus "yes";
};
server 192.26.92.30 {
bogus "yes";
};
server 192.52.178.30 {
bogus "yes";
};
--
Stephen Patterson http://patter.mine.nu/
steveSPAM at .patter.mine.nu remove SPAM to reply
Linux Counter No: 142831 GPG Public key: 252B8B37
Last one down the pub's an MCSE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mailman.lug.org.uk/pipermail/durham/attachments/20030919/84fb0bcc/attachment.pgp
More information about the Nelug
mailing list