[EMAIL PROTECTED] wrote:
Block outgoing 53 and make them use a local nameserver.


Tracy

Your knowledge surpasses mine in this area.

Please explain how a firewall forcing people to use a local nameserver
is more secure.  Are you talking about a caching (nonauthoritative)
DNS server as well as an authoritative DNS server?

Your local DNS server still has to get info from the Net from other
DNS servers so what have you accomplished?

Chris

The local name server will query the root servers to find out who to get information about a zone from. Anyone can create zones for domains on their name server. I could alter my name server to change all google.com addresses to go through my transparent proxy, that happens to collect all data passing through it. I then get web addresses, user ids, and passwords. You are none the wiser, until that bank account goes empty. As far as what you see, it is the same as you would have seen normally. If you weren't monitoring the network traffic, you would never guess that all your traffic has been forced through a proxy. Companies use this basic technique to monitor and filter traffic all the time, but the same techniques can be used for criminal activities just as easily.


--
"The towels were so thick there I could hardly close my suitcase."
--Yogi Berra
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
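
A defender's check for the "block outgoing 53" rule suggested at the top of the thread, added here as an example and not part of any poster's message: it scans gateway log lines for clients that send port-53 traffic to anything other than the local nameserver. The resolver address, the `DNS-OUT` log prefix and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Assumption: address of the approved local nameserver.
LOCAL_RESOLVER = "192.168.1.53"

# Constructed sample lines in netfilter LOG format (documentation addresses,
# hypothetical "DNS-OUT" log prefix); not captured traffic.
SAMPLE_LOG = """\
Jan 10 09:00:01 gw kernel: DNS-OUT IN=eth1 OUT=eth0 SRC=192.168.1.53 DST=198.51.100.1 PROTO=UDP SPT=41000 DPT=53
Jan 10 09:00:02 gw kernel: DNS-OUT IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.7 PROTO=UDP SPT=50211 DPT=53
Jan 10 09:00:05 gw kernel: DNS-OUT IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.7 PROTO=UDP SPT=50212 DPT=53
Jan 10 09:00:09 gw kernel: DNS-OUT IN=eth1 OUT=eth0 SRC=192.168.1.31 DST=203.0.113.7 PROTO=TCP SPT=50900 DPT=53
Jan 10 09:00:11 gw kernel: DNS-OUT IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=198.51.100.9 PROTO=TCP SPT=51000 DPT=443
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S+)")


def bypassing_clients(log_text, resolver=LOCAL_RESOLVER):
    """Count (client, server) pairs doing DNS without the local resolver."""
    hits = Counter()
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        # DNS uses port 53 over both UDP and TCP; ignore everything else.
        if f.get("DPT") != "53" or f.get("PROTO") not in ("UDP", "TCP"):
            continue
        src, dst = f.get("SRC"), f.get("DST")
        if not src or not dst or src == resolver:
            continue  # malformed line, or the resolver's own upstream lookups
        hits[(src, dst)] += 1
    return hits


if __name__ == "__main__":
    for (src, dst), n in bypassing_clients(SAMPLE_LOG).most_common():
        print(f"{src} sent {n} DNS packet(s) directly to {dst}")
```

Any client this reports is resolving names through a server the site does not control, which is the situation the firewall rule is meant to prevent.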
