Quoting Doug McIntyre <mer...@dork.geeks.org>:
In comp.protocols.dns.bind you write:
Has anyone used their internal dns server for blacklisting? I would
like to specifically block access to domains that are spreading
malware. I was grepping around the internet and fell upon this
website http://www.malwaredomains.com/, but dont seem to be able to
get my internal name server to like any of the configs I push on it.
thanks for any advice that might be offered.
It should be easy enough to take the list, parse it into config line
items pointing to a single zone file that just maps * to 127.0.0.1 or
something.
Or you could just use OpenDNS?
(Not that I use them, but thats one of the free features they support).
Sounds good and that is what I thought (except for OpenDNS), however I
created a zone file named blacklist.host and added an entry into my
named.conf file that said
zone "00.devoid.us" {
type master;
file "blockeddomains.host";
};
When I restart named I get the following error message in my message logs:
Mar 24 14:14:14.970 dns_master_load: blockeddomains.host:9: no current
owner name
Mar 24 14:14:14.971 zone 00.devoid.us/IN: loading master file
blockeddomains.host: no owner
I actually have 8 existing zones on this server and they each have a
root server listed in their zone files. Do I need to have a root
server in this one?
thanks,
ddh
--
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools
"Everything should be made as simple as possible, but not simpler."
-- Albert Einstein
"The hottest places in Hell are reserved for those who, in times of moral
crisis, preserved their neutrality."
-- Dante
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
