Re: RPZ and negative answers

2013-04-05 Thread Vernon Schryver
> From: Torsten Segner > subdomain.domain.de 60 A 172.26.30.231 > The above setting is rewriting NXDOMAIN answers for subdomain.domain.de > to the above IP address while every other host still has the information > of the customers outside zone. > > Am I doing something substantially wrong

Re: RPZ and negative answers

2013-04-05 Thread Noel Butler
On Fri, 2013-04-05 at 08:51 +0200, Torsten Segner wrote: > $TTL 43200 > @ IN SOA a.prim-ns.de. hostmaster.de.easynet.net. ( > 2012041802 ; > 28800 ; > 7200; > 604800 ; >

Re: RPZ and negative answers

2013-04-04 Thread Torsten Segner
On Thu, 4 Apr 2013 23:51:23 GMT, Vernon Schryver wrote: > > From: Chris Buxton > > > A company wants to halt the spread of a piece of malware that > > uses DNS lookups to find its C&C. ... > > > The company has determined the first N domains of the sequence, > > but does not know how to calcu

Re: RPZ and negative answers

2013-04-04 Thread Vernon Schryver
> From: Chris Buxton > A company wants to halt the spread of a piece of malware that > uses DNS lookups to find its C&C. ... > The company has determined the first N domains of the sequence, > but does not know how to calculate the complete set of domains. > ... > Unfortunately, because RPZ doe

Re: RPZ and negative answers

2013-04-04 Thread Chris Buxton
On Apr 4, 2013, at 1:42 AM, Phil Mayers wrote: > On 04/04/2013 12:50 AM, Chris Buxton wrote: > >> Thanks for the explanation. It seems to me this is a gap in coverage >> of RPZ -- the algorithm should be updated, in my opinion, to cover >> the case of a negative answer. > > AIUI it's a deliberate

Re: RPZ and negative answers

2013-04-04 Thread Phil Mayers
On 04/04/2013 12:50 AM, Chris Buxton wrote: Thanks for the explanation. It seems to me this is a gap in coverage of RPZ -- the algorithm should be updated, in my opinion, to cover the case of a negative answer. AIUI it's a deliberately limited mechanism aimed at preventing resolution of harmf

Re: RPZ and negative answers

2013-04-03 Thread Chris Buxton
On Apr 3, 2013, at 4:13 PM, Vernon Schryver wrote: >> From: Chris Buxton > >> If a name exists in the response policy, and also exists in the real >> Internet namespace, the value from the policy is returned. But if it >> doesn't exist out on the Internet, then the value is not returned -- >> an

Re: RPZ and negative answers

2013-04-03 Thread Vernon Schryver
> From: Chris Buxton > If a name exists in the response policy, and also exists in the real > Internet namespace, the value from the policy is returned. But if it > doesn't exist out on the Internet, then the value is not returned -- > an NXDOMAIN (or SERVFAIL, or whatever) is returned instead. >

Re: RPZ and negative answers

2013-04-03 Thread Noel Butler
On Tue, 2013-04-02 at 14:16 -0700, Chris Buxton wrote: > Can anyone explain this to me? > > If a name exists in the response policy, and also exists in the real Internet > namespace, the value from the policy is returned. But if it doesn't exist out > on the Internet, then the value is not retu

RPZ and negative answers

2013-04-03 Thread Chris Buxton
Can anyone explain this to me? If a name exists in the response policy, and also exists in the real Internet namespace, the value from the policy is returned. But if it doesn't exist out on the Internet, then the value is not returned -- an NXDOMAIN (or SERVFAIL, or whatever) is returned instea