Re: midco DNS corruption?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sun, 2021-01-24 at 09:01 +0000, J.Witvliet--- via users wrote:
> Didn’t know you could do that.
> I tried it, but my bind complained that I was not authoritive.
> (Right now there is a dns-storm against the USA-IRS)

To be honest, I wouldn't advise anyone to start running their own BIND
server unless you felt like learning how to do so.  There are simpler
ways to make browsing less painful (scriptblockers, ad-blockers,
privacy proxies, etc), that are just a browser plug-in to install.

But, for anyone who's already got BIND running, adding a bunch of lines
like the following to the /etc/named.conf file:

zone "doubleclick.net"          { type master; file  "dead.zone"; };
zone "doubleclick.com"          { type master; file  "dead.zone"; };
zone "adwords.google.com"       { type master; file  "dead.zone"; };
zone "googlesyndication.com"    { type master; file  "dead.zone"; };
zone "googleservices.com"       { type master; file  "dead.zone"; };
zone "googleadservices.com"     { type master; file  "dead.zone"; };

Which all load up a barebones dead.zone file from where all your other
zone files are stored (typically /var/named/), just like this:

$TTL 10
@       IN      SOA     ns.localdomain.  hostmaster.mail.localdomain. (
                        42 ; serial
                        20 ; refresh
                        20 ; retry
                        20 ; expire     
                        20 ; ttl
                        )

        IN      NS      ns.localdomain.

This instantly kills traffic to any domain, and sub-domain, that you
list in the named.conf, how I've shown above.  It kills it for anything
that uses the web, not just your web browser.  Your mail client, your
smart TV, etc.

The zone file acts like a wildcard does-not-exist answer to all related
queries.

-- 
 
uname -rsvp
Linux 3.10.0-1160.11.1.el7.x86_64 #1 SMP Fri Dec 18 16:34:56 UTC 2020 x86_64
 
Boilerplate:  All unexpected mail to my mailbox is automatically deleted.
I will only get to see the messages that are posted to the mailing list.
 
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux