well on a dns level will be nice to block it but if the user will have
access to some dns anywhere in the world in any way he can just use some
basic browser tricks to make this dns setup stupid.
i think it's better to use a proxy\fw to block these sites.
you can use let say squid and use some nice and good acls to do all your
the tricks you need.
Regards,
Eliezer
My idea was block all DNS except the bind9 who has this filter. blocking
port 53 will we enought?
I'm using squid but in transparent mode.
I'm reading about this. If i find the solution i will post. Have a lot
of work to read!
Best regards.
--
Emiliano Vazquez | PcCentro Informatica & CCTV
Office: +54 (11) 4951-0203 Interno 4
Movil: 011-15-6253-7165
Mail: emilianovazq...@gmail.com
Web: http://www.pccentro.com.ar
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
