Quick and probably dirty BIND method to correct verisign's broken DNS

To: debian-user@lists.debian.org
Subject: Quick and probably dirty BIND method to correct verisign's broken DNS
From: Stephen Patterson <s.patterson@freeuk.com>
Date: 19 Sep 2003 17:56:21 GMT
Message-id: <[🔎] slrnbmmgq4.kh.s.patterson@localhost.localdomain>

Given the recent cockup by verisign, I thought I'd reconfigure my name
server so it only resolves existing names. I've done this by declaring
all the name servers which respond to invalid queries as invalid by
adding this to /etc/bind/named.conf (bind 8.3.4-4). This has probably
left a hole in my DNS big enough to fit one of Iain M Bank's
Superlifters through, but I've not had any problems yet with a wide
selection of sites. Even better, I haven't had to patch and recompile
anything or wait for upstream fixes :-)

server 192.35.51.30 {
        bogus "yes";
};
server 192.5.6.30 {
        bogus "yes";
};
server 192.12.94.30 {
        bogus "yes";
};
server 192.33.14.30 {
        bogus "yes";
};
server 192.42.93.30 {
        bogus "yes";
};
server 192.43.172.30 {
        bogus "yes";
};
server 192.41.162.30 {
        bogus "yes";
};
server 192.31.80.30 {
        bogus "yes";
};
server 192.55.83.30 {
        bogus "yes";
};
server 192.54.112.30 {
bogus "yes";
};
server 192.26.92.30 {
        bogus "yes";
};
server 192.52.178.30 {
        bogus "yes";
};                                            


-- 
Stephen Patterson http://patter.mine.nu/
steveSPAM@.patter.mine.nu  remove SPAM to reply        
Linux Counter No: 142831 GPG Public key: 252B8B37        
Last one down the pub's an MCSE

Reply to:

Prev by Date: Slrn
Next by Date: Debian release schedule
Previous by thread: Re: Slrn
Next by thread: Debian release schedule
Index(es):
- Date
- Thread