Jason Noble wrote:
I changed it to one of our unused real-world IP address, and made a firewall rule to reject all packets destine for that IP.This seems to have the desired effect and I dont think there are any security issues.
It first seems. then it breaks.to prevent application from going where they should not, configure these applications not to go there. if the apps can't be configured, use other applications, or use a proxy or firewall. don't poison your own DNS.
